Explore the Munich Re Group

Get to know our Group companies, branches and subsidiaries worldwide.

Privacy Statement

    alt txt

    properties.trackTitle

    properties.trackSubtitle

    PLEASE READ THIS PRIVACY STATEMENT CAREFULLY BEFORE USING THIS WEBSITE.

    Last updated: January 26, 2024

    About us and scope

    The Hartford Steam Boiler Inspection and Insurance Company and its affiliates and subsidiaries (“HSB”, “we”, “us”, or “our”) are committed to protecting the privacy of your personal data. This Privacy Statement applies to https://www.munichre.com/hsb and other websites or applications that link to this Privacy Statement owned or controlled by, or affiliated with, HSB and/or its parent company, Munich Re (the “Sites”) and other offline activities, programs, and services where individuals are directed to this Privacy Statement. This Privacy Statement explains our policies and practices concerning collection, use, disclosure, and processing of your Personal Information collected through the Sites and by other related means (for example, through e-mail, phone calls and other communications). If you are viewing this Privacy Statement on one of our Sites , or use any of our products and services that reference or link to this Privacy Statement (the “Services”), please also review our Legal Terms of Use, which may apply to your use of the Sites and Services. Your use of the Sites and Services are subject to this Privacy Statement and the Legal Terms of Use, which may apply to your use of the Sites and Services. By using our Sites and Services, you acknowledge that you have read, understand and accept this Privacy Statement and the Terms of Use (as applicable).

    Personal Information We Collect

    We collect information that identifies, describes, relates to or is reasonably capable of being associated with you (“Personal Information”) on our Sites and in the course of providing our Services. The types of Personal Information that we collect vary depending on your relationship with us. For example, we collect and use different Personal Information according to whether you are an insured policyholder, a claimant, a customer to whom we provide inspection services, a user of or participant in one of our technology programs, or a visitor of our Site(s). When you provide Personal Information to us about other individuals (for example, where you are a customer to whom we provide services and you provide us with Personal Information about your employees or your own customers), we will collect, use and disclose such Personal Information in accordance with this Privacy Statement. You must be authorized by the individual(s) to provide us with their Personal Information and it is your responsibility to refer such individuals to this Privacy Statement before providing us with Personal Information on their behalf.

    We collect and use Personal Information to fulfill our intended business purposes. Personal Information does not include publicly available information or deidentified or aggregated information.

    We may collect Personal Information directly from you and from other sources on our Sites and to provide our Services. The Personal Information collected may include:

    • Individual Identifiers and Contact Information (which may include Family Members) such as full name, address, email address, telephone number, job title, company name, passwords on our systems, and relationship to the policyholder, insured, or claimant.
    • Government-Issued Identification Numbers such as social security or national insurance number, driver’s license number or other government-issued identification numbers. 
    • Account Information such as your email, phone number, username and password if you create an account with us.
    • Policy or Claims Information such as information and materials you provide to us in connection with your policy or as part of a claim, and other information you choose to provide to us. 
    • Financial Information and Account Details such as payment card number, bank account number or other financial account number and account details, billing address and other related information.
    • Contents of Communications you choose to provide to us such as your emails, messages, and information you provide through online web forms.
    • Telephone Recordings with our representatives and call centers for quality assurance and training purposes.
    • Photographs and Video Recordings in connection with our insurance or business activities, including claims adjudication, disputes, or for other relevant purposes as permitted by law.
    • Marketing preferences, customer feedback, online forms and survey responses such as information about the types of Services you use, your marketing and communication preferences, voluntary survey responses, account preferences, and any other information you choose to provide.
    • Information We May Collect Automatically if you provide prior affirmative consent to us, such as IP address, unique device ID, device type, network and browsing history, interaction with our Sites and Services, and geolocation information.
    • Information Necessary to Provide our Services such as data collected by sensors and sensor-related equipment, device and equipment information, environmental data, and related metadata.
    • Supplementary Information from Other Sources such as publicly available information from social media services, information from commercially available sources and information from our affiliates, business partners and vendors such as agents, brokers, administrators, adjusters and other representatives. Examples include information about your insurance coverage or claim information.

     

    Business and Commercial Purposes for Which Personal Information is Collected and Used

    The categories of Personal Information described above are collected and may be used and disclosed for the following business or commercial purposes: 

    • to provide you with, renew or modify products and services; 
    • to provide you with the information and documents you request and for other customer service purposes; 
    • to process claims and other legal actions; 
    • to provide you with information about our websites, mobile applications, or online services that link to our online Privacy Statement or required notices;
    • to carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing, collections and payments; 
    • to deliver marketing communications or promotional materials that may be of interest to you and to assist us in determining relevant advertising; 
    • for advertising and marketing purposes, as well as underwriting and claims assessment and actuarial purposes, we may share your information with analytics service providers; 
    • to improve, enhance, and maintain the quality of services we provide and the usefulness of our websites, mobile applications, online services, devices, equipment, and other products and services;
    • to customize your experience and to analyze use of our websites, mobile applications, online services, devices, equipment, and other products and services;
    • to anonymize and aggregate data and reports to assess, develop and improve our products and services and for other analytics and research purposes; 
    • to comply with applicable laws; 
    • to respond to law enforcement requests, court orders or regulations, subpoenas, search warrants, other legal processes, or to perform other reporting obligations, as required by applicable law; 
    • to perform research, testing and product development and demonstrations; 
    • to prevent and detect fraudulent, malicious, deceptive, infringements of our policies and contracts and other potential misuse of or illegal activity relating to our products, services and assets; 
    • to carry out actuarial analysis and develop our actuarial and pricing models; 
    • to assist our affiliates in their everyday business purposes; 
    • to provide training or organize events; 
    • to investigate privacy, security or employment-related incidents; 
    • to refer you to our third-party partners as part of a referral program; 
    • to conduct financial, tax and accounting audits, and audits and assessments of our business operations or security and financial controls; 
    • to plan, engage in due diligence for, and implement commercial transactions; 
    • for employment-related purposes including but not limited to recruiting, hiring, onboarding, performance reviews and staffing decisions; human resource management services; administration of employee benefits, compensation and expenses; maintenance of contact information; conducting healthcare-related services; and provide alerts and notices; 
    • to evaluate or conduct a merger, acquisition, restructuring, reorganization, divestiture, dissolution or other sale or transfer of some or all of our assets as a going concern or as part of bankruptcy, liquidation or similar proceeding;
    • to secure our offices, premises and physical assets, including through the use of electronic access systems; and
    • as described to you when collecting your Personal Information or as otherwise permitted under applicable law.

    We will not collect additional categories of Personal Information or use the Personal Information collected for materially different, unrelated, or incompatible purposes without providing you notice.

    For individuals whose personal data is subject to the European Union General Data Protection Regulation (EU GDPR), please refer to our Binding Corporate Rules regarding your rights concerning the processing of your personal data.

    Disclosure of Your Personal Information

    We may disclose your Personal Information as permitted by applicable law, and with your consent where required, as follows:

    • to vendors and service providers to perform services on our behalf and other services related to our business such as processing claims, policy servicing and customer support, communication services, advertising and marketing, website services and analytics, research, and tax, legal and accounting services. 
    • to subsidiaries, affiliates, agents, brokers in performance of our Services and to business partners to offer products and services.
    • to advertising and marketing partners to send you information about our Services.
    • for commercial transactions such as acquisitions, mergers, asset sales or transfers, bankruptcy or reorganization.
    • to address legal matters such as compliance with law or a subpoena, a judicial proceeding, court order, government, regulator or law enforcement requests, or other legal process.
    • to prevent fraud, respond to suspected or actual illegal activity, respond to or investigate an audit, complaint or security threat, violations of this Privacy Statement, our Legal Terms and Conditions, or any other agreement you enter into with us, and to protect and defend our and others’ legal rights, safety and security.
    • we may disclose deidentified or aggregate information for commercial and legitimate business purposes. We will maintain and use deidentified information without attempting to reidentify it other than as permitted by law. 
    • we may disclose Personal Information in other ways not already described with prior notification to you and, if needed, we will obtain your consent.

    Transmitting your Personal Information

    Please be aware that Personal Information collected through the Site(s) and through providing the Services may be transferred to, stored in, or processed in the United States, Canada, or Europe, where our servers are located and our database is operated, or where our affiliates’ or third-party service providers’ servers or databases are located. We only share your Personal Information in order to fulfill the business and commercial purposes for which you provide it to us (which are listed above).

    Security

    We have implemented physical, administrative, and technical safeguards designed to protect your Personal Information from loss and unauthorized access, disclosure, use, alteration and destruction. However, despite the measures we take, we cannot guarantee data security.

    Use of Cookies, Data Collection Technologies, Data Analytics, Advertising and Your Choices

    Cookies and Online Data Collection Technologies. Cookies are pieces of information stored on your device through your web browser. Some cookies allow us to recognize your device and to collect information such as internet browser type, time spent on our Sites, pages visited and other activity and usage data (“Statistical / Range Measurement cookies”). We may use other online data collection technologies such a pixel tags, web beacons and clear GIFs which are embedded within our Sites to collect information about your use of our Sites and in HTML-formatted email messages to track when emails are viewed and forwarded and email response rates. We may also use the information for security purposes, to facilitate navigation, support security and performance of our Sites, manage content or personalize your experience while using our Sites, and to present advertising to you as described below.

    Data Analytics. We only use a Statistical / Range Measurement cookie or other online data collection technology, and disclose information to our website data analytics service provider Adobe Analytics that is not traceable to your IP address or linked to your other Personal Information, to perform statistical analyses of use of our Sites if you provide your prior, affirmative authorization. To learn more about the use of data collection technologies by Adobe for analytics and to exercise choice regarding those technologies, please visit the Adobe Analytics opt-out page.

    Advertising. Cookies or other online data collection technology also allow us to present to you advertisements regarding our products and services that are most likely to appeal to you and to track your responses to our advertisements (collectively, “Marketing cookies”). We will only use a cookie or other online data collection technology for advertising purposes regarding our products and services if you provide your prior, affirmative authorization.

    Your Choices. By default, the Statistics / Range Measurement and Marketing cookies on our Sites are disabled. To learn more, please click on the Cookie Settings link at the bottom of our website where you will find instructions, an explanation of how we use Statistics / Range Measurement and Marketing cookies, and you can change the default settings for each cookie if you wish to enable them.

    If you have enabled the Statistics / Range Measurement cookie and / or Marketing cookie, you can use the Cookie Settings link to at any time to disable the cookie(s) again.

    You can also learn more about opting out of receiving targeted advertising from third party ad networks that participate in the Digital Advertising Alliance at WebChoices: Digital Advertising Alliance's Consumer Choice Tool for Web US (aboutads.info) or the Network Advertising Initiative at NAI Consumer Opt Out (networkadvertising.org).

    You can opt out of receiving email marketing communications from us by using the “unsubscribe” link in any marketing email we send you. If you opt out of receiving marketing messages, we may still send you non-marketing communications regarding the services we provide to you.

    Do Not Track

    We do not respond to web browser “Do-Not-Track” signals at this time.

    Childrens’ Privacy

    Our Sites and Services are not directed to, and we do not intend to or knowingly collect Personal Information from children under 13. If we learn that we have collected any Personal Information from a child under the age of 13 without verifiable parental consent, we will delete that information from our files as quickly as possible. If you believe that we may have collected information from a child under 13, please contact us at the email address provided below.

    External Links

    Our Sites and the Services may include links to websites that are operated by organizations we do not own or control. We are not responsible for the content or privacy practices of linked websites or their collection or use of your information. If you leave our Site via such a link, you should review those other websites' privacy policies, terms of use, and other notices before providing your information to learn how they will handle any information they collect from you.

    Changes to Our Privacy Statement

    We may, from time to time, make changes to or modify our Privacy Statement. The most recent version is always available on this website. If we make changes to this Privacy Statement, we will provide the date it was Last Updated at the top of this page and post it on our Sites and make it available through our Services. To the extent permitted by law, any changes or modifications will be effective immediately upon posting. Your continued access to and use of our Sites and Services after this Privacy Statement has been modified constitutes your acceptance of the revised Statement. We recommend that visitors to this site revisit this Privacy Statement periodically to learn of new privacy practices and changes to our Statement.

    How to Contact Us

    If you have any questions or comments about this Privacy Statement or other privacy-related inquiries, please contact us at:

    The Hartford Steam Boiler Inspection and Insurance Company
    Attn: Corporate Communications
    One State Street
    Hartford, CT 06102-5024

    Email: customer_solution_center@hsb.com
    Telephone: 1-800-472-1866

    ADDITIONAL PRIVACY STATEMENT FOR CALIFORNIA RESIDENTS

    This section supplements our Privacy Statement and provides specific information for residents of California (“consumers” in this section), and is intended to satisfy the California Consumer Privacy Act of 2018 (“CCPA”), as amended by the California Privacy Rights Act of 2020 (collectively, referred to as "CPRA"). The CPRA requires that we provide certain information to California consumers about how we handle your Personal Information that we have collected, whether online or offline. Under the CPRA, “Personal Information” is any information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular California resident or household, including the categories of Personal Information identified in a table below to the extent they identify, relate to, describe, are reasonably capable of being associated with, or could be reasonably linked, directly or indirectly, with a particular consumer or household.

    Our website is operated by our parent company “Munich Reinsurance Company”. You will therefore find information on the use of cookies in our general Privacy Statement. Please click here to view the section describing our use of cookies.

    This section of our Privacy Statement applies to www.munichre.com/hsb and other websites or applications that link to this Privacy Statement and offline activities, services, and programs where California residents are directed to this section of our Privacy Statement (the “Services”). It does not apply to any third party websites or applications that you may access via the Services, which are governed by the privacy policies and terms of use that appear on those sites and applications.

    If you are a California resident and would like to exercise your rights under the CPRA, please:

    • Click here and complete the form; OR
    • Contact us at this toll-free telephone number: 1-844-960-3128 and when prompted, input PIN number 306104

    Our CPRA Notice at Collection is found below.

    When We Are Acting as a Service Provider

    In some circumstances, we act as a service provider under the CPRA and collect and use Personal Information on behalf of another unaffiliated company. Where your Personal Information is processed by us when acting as a service provider, the other company’s privacy policy will apply, and requests to exercise CPRA rights should be submitted directly to that company. In other circumstances, we act as a service provider for one of our own affiliated companies, and in that situation this section of the Statement will apply. If you make a request to exercise CPRA rights to us where we are acting as a service provider under the CPRA, we may be required to disclose your request to the company for which we are acting as a service provider.

    Personal Information Not Covered by the CPRA

    For purposes of this Additional Privacy Statement for California Residents, the following personal information is not covered by the CPRA or this statement:

    • Publicly information lawfully made available from government records.
    • De-identified or aggregated consumer information.
    • Information excluded from the CPRA's scope, like:
      • Health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data;
      • Personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver's Privacy Protection Act of 1994.

    California Notice At Collection

    Categories of Personal Information Collected, Disclosed, Sources and Whether Sold or Shared

    The type of information we collect from you depends on how you interact with us. The table below lists the categories of Personal Information that we have collected from California residents and have disclosed to others for a business purpose in the preceding twelve (12) months, the categories of sources of Personal Information from which the Personal Information is collected, and whether we sell or share each collected category of Personal Information. Some Personal Information included in the categories below may overlap with other categories.

    We collect Personal Information from the following categories of sources and their representatives: our prospective and actual policyholders; other insured persons; corporate policyholders and companies we reinsure; reinsurance intermediaries of the companies we reinsure; claimants; others with information about the risk that we are insuring or reinsuring or about a claim; prospective and actual agents; our policyholders’ agents; brokers; prospective and actual business partners, vendors, contractors and service providers; our affiliates; third party administrators; adjusters; investigators; third party data providers; consumers who access our internet websites, internet forms and applications; consumers who utilize our technology products and services; and from consumers in connection with research and outreach.

    We may disclose for a business or commercial purpose each of the categories of Personal Information described in the table below to the following categories of parties: vendors and service providers, agents, brokers, regulators, auditors, counsel, consultants, reinsurers, retrocessionnaires, advisors, representatives, our affiliates and subsidiaries, other website users, business partners, advertising networks, banks, operating systems or platforms, law enforcement, government entities and courts.

    For more information about the business and commercial purposes for which we may collect or disclose such information, please review the “Business and Commercial Purposes for which Personal Information is Collected and Used” section in our general Privacy Statement.

    Categories Collected & Disclosed in the last 12 months Personal Information Examples Collected Categories of Sources Disclosed for Business or Commercial Purpose Sell or Share
    Identifiers A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver's license number, passport number, or other similar identifiers. Some identifiers included in this category may overlap with other categories. Yes From you directly. From you directly and automatically if you provide prior affirmative, opt-in consent for unique personal or online identifier, IP address or cookie data. From agents and brokers. From our corporate clients. From our service providers. Yes No – do not sell No – do not share. We disclose online identifiers such as a unique personal identifier, device ID, IP address or cookie data for cross-contextual behavioral advertising only if you provide prior affirmative, opt-in consent.
    Personal Records information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)) A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories. Yes From you directly. From agents and brokers. From our corporate clients. From our service providers. Yes No – do not sell No – do not share
    Characteristics of Protected Classifications under California or federal law Age (40 years or older), race, color, ancestry, national origin, citizenship, religion, marital status, pregnancy, medical condition, physical or mental disability, sex, sexual orientation, and veteran or military status. Some protected classification characteristics included in this category may overlap with other categories. Yes From you directly. From agents and brokers. From our corporate clients. From our service providers. Yes No – do not sell No – do not share
    Commercial Information Records of products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. Yes Directly from you. From devices and equipment you purchase or utilize as part of a program or service. Yes No
    Biometric Information An individual’s physiological, biological or behavioral characteristics, including DNA information that can be used to establish individual identity. includes imagery of the iris, retina, fingerprint, face, hand, palm, vein patterns, and voice recordings from which an identifier template such as a faceprint, voiceprint can be extracted, and keystroke patterns or rhythms, gait patterns or rhythms, and sleep, health, or exercise data containing identifying information. Yes From you directly. From our service providers. Yes No – do not sell No – do not share
    Internet or network activity information Internet or other electronic network activity information, including, but not limited to, browsing history, search history, information regarding a consumer’s interaction with internet websites, applications, or advertisements. Yes From you directly automatically and from other sources if you provide prior affirmative, opt-in consent. Yes No - do not sell No – do not share. We disclose online identifiers such as a unique personal identifier, device ID, IP address or cookie data for cross-contextual behavioral advertising only if you provide prior affirmative, opt-in consent.
    Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)) Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes and student disciplinary records. Yes From you directly. From agents and brokers. From our corporate clients. From our service providers. Yes No – do not sell No – do not share
    Geolocation Data Physical location or movements. Yes From you directly and automatically. From our service providers. Yes No – do not sell No – do not share
    Audio, Electronic, Visual, Thermal, Olfactory or similar information Call recordings, video and photographs. Yes From you directly and automatically. From our service providers. Yes No – do not sell No – do not share
    Professional or employment-related information Employment history, qualifications, licensing, performance evaluations and disciplinary record. Yes From you directly. From our service providers. Yes No – do not sell No – do not share
    Inferences drawn from other personal information Inferences drawn from any of the personal information described in this section about an individual to create a profile including inferences reflecting the individual’s preferences, characteristics, behavior and abilities. Yes From you automatically and from other sources. Yes No – do not sell No – do not share
    Sensitive Personal Information Social security number, driver’s license number, state identification card, or passport number; account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account; precise geolocation (a geographic area that is equal to or less than the area of a circle with a radius of 1,850 feet); racial or ethnic origin, religious or philosophical beliefs, or union membership; contents of a consumer’s mail, email, and text messages unless the business is the intended recipient of the communication; genetic data; processing of biometric information for the purpose of uniquely identifying a consumer; personal information collected and analyzed concerning a consumer’s health; personal information collected and analyzed concerning a consumer’s sex life or sexual orientation. Yes From you directly. From agents and brokers. From our corporate clients. From our service providers. Yes No – do not sell No – do not share

    Retention of Personal Information

    We retain the Personal Information we collect only as reasonably necessary for the purposes described in this Statement or otherwise disclosed to you at the time of collection. We will retain certain Personal Information for as long as it is necessary pursuant to our records retention guidelines. Our records retention guidelines are based on our legal or business needs including but not limited to the following criteria: legal and regulatory obligations and requirements; contractual requirements owed to third parties; operational, fiscal, administrative or historical value to business operations; the duration of our business relationship with you, your employer or another related entity; the possibility of future complaints; whether the record is part of an insurance or reinsurance transaction or claim file; audits; investigations or litigation or the likelihood of these; the possibility of future insurance or reinsurance claim activity; whether the documentation is needed for processing of financial records; statutes of limitations; health and safety requirements; tax requirements; personnel requirements; corporate governance requirements; and record-keeping requirements.

    Deidentification of Personal Information

    We may deidentify Personal Information and use it for our internal purposes. We commit to maintaining and using this information in deidentified form and will not attempt to reidentify the information, except to determine whether our deidentification process satisfies the CPRA.

    Your Rights and Choices Regarding Your Personal Information

    This section describes the specific rights California consumers have regarding their personal information under the CPRA, subject to certain exceptions, and how to exercise those rights:

    Right to Know: You have the right to request from us, up to two (2) times per year and subject to certain exemptions, the personal information we have collected about you in the prior twelve (12) months including: 

    • the categories of personal information;
    • the categories of sources from which we collect the personal information;
    • our business or commercial purpose for collecting, selling, or sharing the personal information;
    • the categories of third parties to whom we have disclosed the personal information; and
    • the specific pieces of personal information we have collected about you.

    Right to Delete. You have the right to request deletion of personal information we have collected from you under certain circumstances, subject to certain exceptions.

    Right to Correct. You have the right to request correction of inaccurate personal information we maintain about you, subject to certain limitations.

    Right to Opt-Out of Sale or Sharing of Personal Information: If a business “sells” or “shares” Personal Information as those terms are defined under the CPRA, you have the right to opt-out of the sale or sharing of your Personal Information. As explained below, we do not and will not sell or share your Personal Information.

    We do not “sell” your Personal Information under the CPRA because we do not disclose Personal Information to a third party for monetary or other valuable consideration. We only use Statistical / Range Measurement cookies, and disclose information to our website data analytics service provider Adobe that is not traceable to your IP address or linked to your other Personal Information, to perform statistical analyses of use of our website if you direct us to intentionally do so by providing your prior, affirmative authorization. 

    We also will only disclose your online identifiers such as cookie data for cross-contextual behavioral advertising purposes regarding our products and services if you direct us to intentionally use Marketing cookies by providing your prior, affirmative authorization, which is not “sharing” under the CPRA. 

    Please review the “Use of Cookies, Data Collection Technologies, Data Analytics, Advertising and Your Choices” section in our general Privacy Statement or the Cookie Settings link at the bottom of our website to learn more and to exercise your choices.

    Right to Limit Use and Disclosure of Sensitive Personal Information. We do not use or disclose sensitive personal information other than for limited purposes permitted under the CPRA and, as such, are not required to offer a consumers a right to limit its use. 

    Right to Non-Discrimination. We will not discriminate against you for exercising any of your privacy rights under the CPRA.

    Incentives

    The CPRA imposes requirements on any financial incentives offered to California consumers related to their Personal Information. Businesses may offer different prices, rates, or quality of goods or services if the difference is reasonably related to the value of the consumer’s data.

    How to Exercise Your Rights

    If you are a California resident and would like to exercise your rights under the CPRA, please:

    • Click here and complete the form; OR
    • Contact us at this toll-free telephone number: 1-844-960-3128 and when prompted, input PIN number 306104

    Authorized Agent. You may designate an authorized agent to submit requests and act on your behalf. We require authorized agents to provide proof of their authorization from you.

    Identity Verification. We will validate your identity and the identity of anyone making a request on your behalf relating to your personal information. The information we request to verify your identity may vary depending on the type of request and your relationship with us. Where feasible, we will match the identifying information you provide to the personal information we already maintain about you. We may in some instances request additional personal information from you which we will use only to verify your identity and will delete as soon as practical after responding to your request, except if we need to retain it to comply with CPRA recordkeeping requirements. If we are unable to verify your identity after a good faith attempt, we may deny your request and we will explain the reason for the denial.

    We will respond to your request within the period of time required under law and will notify you if it is reasonably necessary for us to extend our response time.

    ADDITIONAL PRIVACY STATEMENT FOR CANADIAN RESIDENTS

    Consent to the Processing of Personal Information

    We process your Personal Information with your consent or as permitted or required by law. How we obtain your consent, including whether it is express or implied, will depend on the circumstances and the sensitivity of the Personal Information in question. Generally, we will seek your consent at the time we collect your Personal Information, either orally, electronically, or in writing.

    If you wish to withdraw your consent to our processing of your Personal Information, please contact us. We will accommodate your request to withdraw consent, subject to legal or contractual restrictions. Withdrawal of your consent may mean that we will no longer be able to provide you with our Services.

    International Transfer and Storage of Personal Information

    We may transfer your Personal Information outside of Canada to fulfil the purpose for which we collected it, including for processing and storage by our service providers. While your Personal Information is outside of Canada, it is subject to the laws of the country in which it is located, which may have different privacy laws than Canada. Those laws may require disclosure of your personal information to authorities in that country. For more information about our policies and practices regarding personal information that is processed outside of Canada, please contact us. If we transfer your Personal Information to a vendor or service provider, we require that they maintain the confidentiality of your Personal Information and keep it secure. We also require that our vendors and service providers comply with applicable laws and only use your Personal Information for the limited purposes for which it is provided.

    Retention of Personal Information

    We will retain your Personal Information for as long as necessary to fulfill the purposes for which we collected it, and as permitted or required by law.

    Your Privacy Rights

    We expect you to supply us with updates to your Personal Information, when required. We will not routinely update your personal information unless such a process is necessary. You may make a request to review the Personal Information about you that we hold, and we will provide you with any such Personal Information to the extent required by applicable laws. You may also challenge the accuracy or completeness of your Personal Information in our records. If you demonstrate that your Personal Information in our records is inaccurate or incomplete, we will amend or delete your Personal Information as required.

    We may require that you provide sufficient identification to fulfill your request to access or correct your Personal Information. Any such identifying information will be used only for this purpose. We will not charge you any fees to access your Personal Information in our records without first providing you with an estimate of the approximate fees, if any. If you object to how we handle your request, you may have the right to make a complaint to the Privacy Commissioner of Canada or the applicable provincial privacy commissioner. If we are processing your personal information on behalf of our customer, we may refer your access or correction request to that customer.

    Contacting the HSB Canada Privacy Officer

    All comments, questions, concerns, or requests regarding your Personal Information or our privacy practices should be forwarded to our Privacy Officer as follows:

    The Privacy Officer
    The Boiler Inspection & Insurance Company of Canada
    390 Bay Street, Suite 2000
    Toronto, Ontario
    M5H 2Y2

    Attention: Privacy Officer
    E-mail: privacy_support@hsb.ca

    Please include your name, address and if applicable, your policy number.

    Related HSB legal content