THE PROTECTION OF YOUR DATA - AT THE HEART OF OUR COMMITMENTS


When you entrust us with your Personal Data you are creating a trust-based relationship, and we will do all we can to live up to this trust.


For that reason, we are making the protection of your data our highest priority.


Thus we will do all we can to provide your data with the best possible protection, and we are committed to ensuring it benefits from the highest level of security and confidentiality, in compliance with the applicable French and European regulations (regulation 2016/679/UE and law n° 78-17 passed on 6th January 1978 and subsequently amended), referred to hereinafter as ‘ the applicable Regulations ’.


Within this context, the commitments contained in our policy with regard to the processing of Data have as their basis the following 6 basic principles :


  • A sound legal basis : the collection and processing of your Data of a Personal Nature is legitimate and has a specified legal basis that corresponds to the objective (or purpose) and the context of the processing operation.
  • Relevance of the data : we only use your data for the previously-defined purpose, and only collect the data that are strictly necessary for achieving this purpose.
  • Retention period : we establish the period for which your data will be retained, taking account of the objectives of each processing operation and any relevant legal obligations.
  • Security and confidentiality : we place great emphasis on keeping your data protected and secure. Thus we deploy all necessary measures in order to guarantee the confidentiality of these data, and to prevent any breach, loss or damage affecting them, or any disclosure of them to unauthorized parties. These measures are designed in the light of the risks inherent in each processing operation (sensitivity of data, objective of processing operation, etc.)
  • Transparency : we operate with transparency, keeping you informed when collecting your Data of a Personal Nature of the way in which we are using them and then of any sharing of the data with third parties.
  • Respecting your rights : we are careful to respect your rights, informing you of the purpose for which your data is being processed. You have the right to access, rectify and delete these data, or to object to their collection.

Set out in the General Terms and Conditions of Use for our websites and smartphone apps, in our confidentiality policy, and in our ‘Charte RGPD Assurés’ (RGPD insured parties’ charter), is a full statement of our commitments and your rights, and an explanation of the way in which we collect, use, if applicable share, and store your Data of a Personal Nature.

. . .

PRIVACY POLICY


Last updated : Janvier - 2021


This Groupe Henner Privacy Policy has been drawn up in order to inform you of the terms and conditions governing the collection, processing and use of your Personal Data, and of the rights you hold over these data when using our websites and smartphone apps.


Henner reserves the right to amend this Privacy Policy at any time to reflect changes in its websites and smartphone apps, configurations, internal changes in Groupe Henner, or in the relevant regulations, modifications to the procedures for collecting, processing or using your Data of a Personal Nature, or indeed for any other legitimate reason.


Groupe Henner will notify you whenever its Privacy Policy is updated. We would however advise you to check on a regular basis for any amendments made to the Policy. The most recent modifications were made by Groupe Henner on the date indicated at the start of this document.


1- DEFINITIONS


Within the context of this Privacy Policy, the capitalized or non-capitalized terms listed below shall have the meanings indicated:


Insured party : shall designate the individual receiving the cover from an insurance contract (whether or not this person is the policyholder) drawn up, distributed and / or managed by Henner.


Data or Personal Data : shall designate any information relating to an Interested Person.


Data subject : shall designate an identified or identifiable individual ; the term ‘identifiable individual’ shall denote an individual who can be directly or indirectly identified, notably through reference to an identifier, such as a name, an identification number, location data, a username, or one or more elements specific to his or her physical, physiological, genetic, psychological, economic, cultural or social identity.


Member Account : shall designate the area of a Site accessible to Insured parties or to Corporate / HR contacts under the conditions set out in the General Terms and Conditions for Use of the Site, by means of a user name and a password.


Data Controller :shall designate the individual or organization, public authority, department or any other body that, alone or in collaboration with others, determines the purposes of - and procedures for - the Processing of Personal Data.


Sites :shall designate the websites, smartphone apps and online platforms operated by Groupe Henner that contain public areas accessible to any User and Member Acconts through which Henner provides Insured parties or Corporate / HR contacts with services under the terms of the insurance contracts drawn up, managed and / or distributed by Henner. The Sites, including the Member Acconts, are governed by General Terms and Conditions of Use (GTCU), and in addition to them by this Confidentiality Policy.


Processing :shall designate any operation or set of operations that may or may not be carried out with the assistance of automated means and are applied to Data or sets of Data, such as collection, recording, organization, structuring, storage, adaptation or modification, extraction, consultation, use, disclosure by transmission, circulation or any other means of provision, alignment or combination, or locking, deletion or destruction.


User :shall designate any individual who accesses a Site without the need for identification and without access to a Member Account.


2- PERSONAL DATA PROTECTION


2.1 Which organization is processing your data?


Within the context of use of this Site, the Data are collected and processed by:


Henner, a ‘Société par Actions Simplifiée’ (simplified joint stock company), entered in the Nanterre ‘RCS’ (trade and companies register) under the reference number 323 377 739, with its registered office located at 14 boulevard du Général Leclerc 92200 Neuilly-sur-Seine.


2.2 How do we collect your data?


Your data are collected either directly by Henner when you input them on contact forms, questionnaires and other areas made available to you when you use the services provided on the Site (requests for free call-back, requests for quotations, Member Account, etc.), or indirectly by third parties (notably by third-party cookies’ editors) when you browse the Site.


Henner will inform you when the provision of an item of information is required (notably due to a statutory regulatory or contractual obligation or else simply so that your request can be processed or your inquiry dealt with). Should you fail to provide information marked as “mandatory”, Henner may be unable to deal with the request or inquiry or to process the form concerned.


Those parts of a form that are not marked as “mandatory” are to be dealt with as you see fit - you may opt to complete them or not.


The following categories of Data are liable to be processed within the context of use of the Site (excluding the Member Account for Insured parties) :


  • Data regarding identity ;
  • Data regarding the following up of business relations ;
  • ata regarding location and connection ;

2.3 Why do we process your data?


Your data are processed by Henner for the purposes, and on the legal basis, set out below:


  1) Within the context of use of this Site


Processing

Purpose (objective to be attained)

Legal basis

Management of sites and smartphone apps

- Technical administration of sites and smartphone apps
- Management of access, of security, of maintainability, of changes to sites and applications
- Management of cookies

- Legitimate interest of Henner to ensure the availability and satisfactory functioning of its Sites and smartphone apps.
- Consent for the use of certain cookies

Commercial management

- Responding to contact requests, inquiries or requests for quotations, etc.
- Management of prospective clients
- Management of clients (notably HR contacts)

- Legitimate interest of Henner to respond to contact requests, inquiries or requests for quotations

Management of requests to exercise rights

- Responding to applications to exercise rights
- Managing and following up on applications to exercise rights

- Legal and regulatory obligations

Managing complaints

- Responding to complaints
- Managing and following up on complaints

- Legal and regulatory obligations


 2) Within the context of management of the insurance contract held by the Insured parties


You will find the full set of information concerning the terms and conditions for collection, processing and use of your Data within the context of your insurance contract (and notably within the context of use of your Member login and Client login), and the rights you hold with regard to said Data, in the “Website Privacy Policy October 2020” accessible below.


2.4 Who can access your data?


Within the context of use of the Site, your data are principally intended for use by Henner, but they may also be supplied to third-party cookies’editors or to service providers acting for Henner to carry out internal operations on the Site, notably hosting, maintenance, managing access, or for any operation connected to the activities of Henner for the purposes set out in article 2.3 of this document, but only to the extent that this is required in order to carry out the operations with which they have been tasked. The subcontractors concerned are required to maintain the confidentiality and security of your Data and to deploy the appropriate measures in this connection.


2.5 Where are your data hosted?


Henner undertakes, within the context of its activities and in accordance with the applicable Regulations, to deploy all the appropriate technical and organizational measures to ensure the security, availability, integrity, authenticity and confidentiality of your data, as well as the resilience of its IT systems.


Henner shall favour the hosting and processing of your Data in France or within the European Union (EU).


If you think you may have lost your identifiers, or under any other circumstances that may give rise to risks for the Sites and your Data, we would invite you to contact Henner immediately, and if the incident involves the loss or disclosure of your identifiers enabling access to your Member Account, we would recommend that you immediately request a new password in your Member Account in the “changing your password” tab.


2.6 How long will we retain your your data?


Your Data will be retained for the period required for achievement of the purposes set out above, plus the applicable legal provision.


2.7 What are your Rights and how can you exercise them?


In accordance with the applicable Regulations and under the conditions stipulated by these Regulations, you have the following rights:


  • Right of access: to obtain information regarding the processing of your Data, and a copy of said Data;
  • Right to rectification: to have your data corrected if they are inaccurate or incomplete;
  • Right of erasure: to have your data removed, provided you meet the conditions laid down by the applicable regulations;
  • The right to withdraw your consent at any point after you have given it ;
  • Right to object: to object at any point, for reasons arising from your particular circumstances, to any processing of your Data, unless Henner demonstrates that there are legitimate and compelling reasons for the processing that override your interests, rights and liberties, or that the processing operation(s) are required for the demonstration, exercise or defence of rights within the context of legal proceedings;
  • Right to Data portability over the Data that we have received from you and that we require for the contract, or for which your consent was requested;
  • Right of restriction of processing: to limit the usage of your Data to retention alone, provided you meet the conditions laid down by the regulations ;
  • The right to specify guidelines concerning the fate of your Data after your death.

You may exercise these rights upon request, providing proof of your identity by any means and explaining the purpose of your request, via the following email address : dpo@henner.com or postal address : Henner, Délégué à la protection des données, Conformité/Relation Assureurs, 14 Boulevard du Général Leclerc 92 200 Neuilly sur Seine


Finally, should a dispute regarding your data persist, you also have the right to lodge a complaint with the CNIL data protection authority :


  • either directly via the CNIL website www.cnil.fr
  • or by post : 3 Place Fontenoy – TSA 80715 – 75334 Paris Cedex 07.

3- COOKIES AND OTHER TRACKING FILES


The Site may automatically collect information by means of cookies or tracking files received when you visit the Site.


For more information regarding the cookies that we use and the means by which you can deactivate them, please consult our policy on cookie management .



UnitedHealthcare Global Website Privacy Policy


1. YOUR RIGHT TO PRIVACY


We recognise that the privacy of your Personal Information is important. As used in this policy, terms such as "we" or "our" and "Company" refer to UnitedHealthcare Global branded companies and current and future affiliated entities (herein "UnitedHealthcare Global"), including our parent company UnitedHealth Group.


The following Product Privacy Notices supplement this policy and explain specific privacy practices with respect to certain products and services that you may use.


Insurance Privacy Notices:


2. YOUR PERSONAL INFORMATION


We collect Personal Information about you when you provide such information to us to purchase a product or service, request information about our products or services, become a member of one of our online resources or when this information is given to us by affiliated entities or third parties. "Personal Information" is information that would allow someone to identify or contact you, including, for example, your full name, address, telephone number, or email address. In addition, depending upon the service that we provide, we may collect information about your travel plans or health information to create an emergency medical record when you call our Emergency Response Centre to open a case or when you seek coverage for an insurance service. Personal Information does not include aggregated or bundled information that, by itself, does not permit the identification of individual persons, such as statistics on the number of persons visiting a website each month.


You provide certain Personal Information to us when you: (a) order products and services from our websites; (b) submit forms through the Member Portal website; (c) request information about our products and services on our website or Member Portals; (d) send other information to us through the "Feedback" interface; or (e) take an online survey. Your employer, or an affiliated entity, may provide information about you to us to enable us to provide you and your employer services, such as travel, insurance and security related services.


We use Personal Information to provide you with services that you purchase or services that are purchased by your employer or affiliated entity. We also use Personal Information to respond to requests regarding our products or services. We take reasonable steps to ensure that information is reliable and relevant for its intended use, accurate, complete, and current. We will retain Personal Information as long as we need to perform services listed in this policy. We do not accept payments on this website.


3. ONLINE COMMUNICATION PRACTICES


We may send electronic newsletters, White Papers, notification of account status, and other communications, such as marketing communications, on a periodic basis to various individuals and organisations. We may also send email communications regarding topics such as general information about our services, website updates, travel and security alerts, and general travel, health and security topics. We offer you appropriate consent mechanisms for marketing and certain other communications. As examples, you may opt- out as provided for in a specific email communication or contact us as described below in the section "Contact Us". Please be aware that opt-outs may not apply to certain types of communications, such as account status, website updates, or other communications.


Email forwarding functionality is provided in many of our communications. Using this functionality will forward the communication privately. However, if you use the forwarding methods, like those provided by your email server, they may transfer Personal Information.


4. SHARING PERSONAL INFORMATION


We will only share Personal Information with third parties as outlined in this policy and as otherwise permitted by law. We do not sell or rent your Personal Information to third parties.


Personal Information may be disclosed to judicial or other government agencies subject to warrants, subpoenas, court orders, statutory or regulatory bodies or other governmental order or decrees.


In the event of a transfer of ownership, a sale of assets, or a bankruptcy of the Company, Personal Information gathered from purchasing or making reservations for products or services or electing to receive communications, such as emails, may be passed on to any resulting entity.


If you submit information or a posting to a chat room, bulletin board, or similar "chat" related portion of this website, the information you submit along with your screen name will be visible to all visitors, and such visitors may share with others. Therefore, please be thoughtful in what you write and understand that this information may become public.


We may share Personal Information with other companies or affiliated entities that we collaborate with or hire to perform services on our behalf or act as our agent. We will require that any such entities or persons providing services on our behalf agree to protect Personal Information and use it only for the purposes for which the information is transferred.


5. WEBSITE AND INFORMATION SECURITY


We maintain reasonable administrative, technical and physical safeguards designed to protect the information that you provide on this website. However, no security system is impenetrable and we cannot guarantee the security of our website, nor can we guarantee that the information you supply will not be intercepted while being transmitted to us over the Internet, and we areot liable for the illegal acts of third parties such as criminal hackers.


6. INFORMATION FOR CHILDREN UNDER 13


We will not intentionally collect any personal information from children under the age of 13 through this website without receiving parental consent. If you think that we have collected personal information from a child under the age of 13 through this website, please contact us.


7. CONTACT US

If you have questions or a complaint about any aspect of our policy, please contact us at uprivacy@uhcglobal.com e. In addition, you can contact our Data Protection Officer at any time at uhg_privacy_office@uhc.com.


8. CHANGES TO THIS WEBSITE PRIVACY POLICY

We may change this policy. If we do so, such change will appear on this page of our website. We will also provide appropriate notice and choices to you, on this website and in other appropriate locations, based on the scope and extent of changes. You may always visit this policy to learn of any updates.


Dated: 13 October 2020