Privacy Statement

 

Privacy Policy

 

1. Introduction

 

Welcome to the privacy policy of the Risk and Insurance Management Society, Inc. ("RIMS" / "we" / "us" / "our").

 

We take your privacy seriously and we are committed to protecting personal data that we receive from you. This privacy policy explains RIMS policies and practices regarding its processing of your personal data and explains your privacy rights under applicable privacy and security laws.

 

This privacy policy is effective as of November 19, 2021. We review our privacy practices on an ongoing basis, and as such we may change this privacy policy from time to time. If such change includes any significant, material changes, we will provide clear notice of the update on the homepage of our website. Please check this policy frequently to ensure that you are familiar with its current content. 

 

If you are an EU national and reside in the EU, or are non-EU national residing in the EU, the data controller (as defined under EU data protection law) will be the RIMS relevant entity that you engage with.

 

Contacting us

 

If you would like additional information on anything in or related to this privacy policy, or you would like to exercise any rights that you may have in relation to your personal data, please contact us at privacy@rims.org

 

2. What Personal Data May We Process?

 

The types of personal data relating to you that we may "process" (such as collect, use and store) depends on your interaction with us. The key types of personal data that we may process are set out below.

 

* Note that the legal bases in the table below are required to be specified under EU data protection law, but are not required, or required to be specified, if you are not an EU citizen/do not reside in the EU.

 

Personal data that you give us

 

ActivityTypes of personal data that we may processOur legal bases* for processing
ActivityTypes of personal data that we may processOur legal bases* for processing
Your general use of our website
  • Name, title, gender
  • Contact details (email address, business address)
  • Company
  • Any other personal data that you provide to us in your contact with RIMS through our website, such as your home and business addresses, phone numbers, description of yourself, your position, and your requirements or comments
Legitimate interests:
  • Getting to know members or potential members / colleagues / customers / employees / workers / consultants / service providers
  • Managing business communications with our members and customers
  • Maintaining and managing our website
  • Responding to your communication(s) with us
Your request for our products or services
  • Name, title, gender
  • Contact details (personal or business email address, telephone numbers, address)
  • Company
  • Position
  • Information relating to any matter that you want to discuss with us that relates to you as an individual
  • Information from identification documents
  • Financial information, such as bank account details and requests relating to invoices
  • Any other personal data that you may disclose to us during your relationship with us, such as in calls or email correspondence
Legitimate interests:
  • Getting to know members / potential members /customers
  • Growing our business
  • Maintaining and managing our website
  • Responding to your communication(s) with us
Contract
  • Fulfilling our obligations under our agreement with you
Your wish to receive event invitations, updates, or other marketing materials
  • Name, title, gender
  • Contact details (personal or business email address, telephone numbers, address)
  • Company
  • Position
  • Your communication preferences (what types of communication you want to receive, when you want to stop receiving communications, feedback, and requests relating to our communications)
  • Any other personal data that you disclose to us, such as dietary requirements, physical disability, comments, or requests
Legitimate interests:
  • Getting to know members and potential members / customers / colleagues / recruiters / employees / workers / consultants / service providers
  • Identification of relevant content shared with members and prospective members
  • Understanding how you want us to communicate with you
  • Expanding our professional networks
Consent
  • On the basis of the consent that you have provided us to receive certain communications
Your application for a job, summer placement, freelancer, internship.
  • Name, title, gender, date of birth
  • Results of background checks including references, qualifications, and to the extent permitted by law, criminal background checks
  • Passport, work permit, visa, or other immigration documentation
  • Contact details (personal, business or educational institution email address, telephone numbers, address)
  • Resumé, including relevant skills and experience
  • Application reasons
  • Language capabilities
  • Special requirements (such as, or relating to, a disability / health issue)
  • Any other personal data that you may provide to us through the application process, such as views and preferences that you disclose to us in interviews, your responses to questions, and demonstrations of your skills
Legitimate interests:
  • Getting to know employees or potential employees / workers / consultants
  • Fulfilling our staffing requirements
  • Ensuring potential recruits of any kind are appropriately qualified for positions at RIMS
  •  
Consent
  • On the basis of the consent that you have provided to us to process your personal data in the context of your application which would include in relation to our conducting criminal background and other checks
Legal obligation
  • We have a legal obligation to verify your right to work lawfully in the relevant country applicable to your application

 

Personal data that we may collect through cookies

 

"Cookies" are small pieces of information that are stored by your browser on your computer's hard-drive for record-keeping purposes.

 

RIMS uses cookies on its website for the following reasons:

 

  1. Analysis – to obtain web analytics from third-party vendors. These third parties use cookies to help analyze how users use the website. The information generated by the cookie about your use of the website (including your IP address) will be transferred to and stored by third-party vendors on servers in the United States. These vendors will use this information for the purposes of analyzing your use of the website, creating reports on the website activity, and providing other services relating to the website activity. These vendors may also transfer this information to other third parties where required to do so by law, or where such third parties process the information on the vendor's behalf.

     

  2. Enhanced website functionality – for instance to provide account log-in prompts and to record preferences that you input on areas of the website so that you do not have to keep re-entering information.

     

    You can refuse the use of cookies by selecting the appropriate settings on your browser, though please note that if you do so, you may not be able to use the full functionality of the RIMS website.

     

    Personal data from minors

     

    RIMS services, including its website, are directed solely at adults. If you are under the age of thirteen (or if being a 'minor' is defined as a younger age in your relevant jurisdiction, that relevant age), please do not provide us with any of your personal data, including your email address.

     

     

    Other information that we may collect automatically

     

    We collect the following information relating to our website visitors automatically: domain name, IP address, and type of browser used and type of operating system used. We use this information for internal statistical analysis, such as to see where our website is being used geographically. However, we do not link this information with any personal data.

     

    3. How and Why May We Process Your Personal Data?

     

    We may process your personal data in the following ways (depending upon your interaction with us):

     

  3. Collecting your personal data that you input on our website, or provide to us in conversations, emails, or meetings with us.

     

  4. Recording your personal data, such as through electronic or handwritten notes that we make.

     

  5. Organizing and storing your personal data on our servers, in our case management system, in our electronic HR filing system, in our employee's email inbox folders, or in hard copy files.

     

  6. Using your personal data to provide our services to you, and address any preferences, complaints, or comments that you have.

     

  7. Disclosing your personal data to third parties, where necessary, appropriate and/or as required by law (see section 5 providing more information on this below).

     

    We may process your personal data for the following purposes:

     

  8. To process and manage your purchase and use of our services.

     

  9. To respond to your questions, comments, complaints, or requests.

     

  10. To follow up with you on a job application.

     

  11. To create and deliver personalized communications that are relevant to your preferences.

     

  12. To further our business purposes, such as to perform data analysis, audits, fraud monitoring, and prevention; enhance, improve, or modify our website or services; identify client trends; determine the effectiveness of our promotional campaigns; and operate and expand our business activities.

     

     

     

    4. HOW WILL WE PROTECT YOUR PERSONAL DATA?

     

    We have implemented security policies and technical measures to protect the personal data that we collect, consistent with applicable privacy and security laws. These security measures are designed to prevent unauthorized access, improper use or disclosure, unauthorized modification, and unlawful destruction or accidental loss of your personal data.

     

    We update and test our personal data privacy and security measures on an ongoing basis. We also provide training to our employees on privacy laws and how to comply with them, and have disciplinary procedures in place that may be imposed on employees if they do not comply with our standards. We ensure that only employees who need to know your personal data to fulfill the purposes of processing that personal data (as described in this privacy policy) have access to it.

     

    5. With Whom May We Share Your Personal Data?

     

    We take your privacy seriously and will not share your personal data with others, except in the following circumstances:

     

  13. Service providers – we may disclose your personal data to third-party service providers to provide us with services such as website hosting and professional services, including information technology services, payroll services, auditing services, consultancy services, regulatory services, and legal services in other countries.

     

  14. To fulfill your option to share our website content with third parties – using the sharing features on our website (to share content with Facebook, LinkedIn, or Twitter, for example).

     

  15. Corporate transactions or events – we may disclose your personal data to a third party in connection with a corporate reorganization, merger, joint venture, sale, transfer, or other disposition of all or any portion of our business.

     

  16. Legal reasons – we may use or disclose your personal data as we deem necessary or appropriate under applicable laws; to respond to requests from public, governmental; and regulatory authorities; to comply with court orders, litigation procedures, and other legal processes; to obtain legal remedies or limit our damages; and to protect the rights, safety, or property of our employees, you, or others.

     

    International transfers of personal data

     

    RIMS is incorporated and headquartered in the United States. Accordingly, if you are an EU citizen/resident in the EU, please note that we will transfer your personal data to the United States in accordance with EU data protection law requirements by using standard contractual clauses that have been approved by the European Commission. Such a transfer may also be necessary in order to perform a contract with you/fulfill your request and/or through obtaining your explicit consent.

     

    6. What Rights Do You Have with Respect to Your Personal Data?

     

    If you are an EU citizen and reside in the EU, or are non-EU national residing in the EU, you may have the following rights with respect to the personal data you provide to us, to the extent permitted by applicable data protection laws:

     

  17. To withdraw any consent that you have provided to us to process your personal data.

     

  18. To access or rectify your personal data.

     

     

  19. To have your personal data erased if it is no longer necessary for the purposes for which it was processed, you have withdrawn your consent to, or object to, its processing and there is no other legitimate grounds for processing it or you consider it has been unlawfully processed.

     

  20. To have the processing of your personal data restricted if you contest its accuracy, its processing is unlawful, we no longer need it but you need it for a legal claim, or you have objected to its processing and await verification of our legitimate grounds for processing it.

     

  21. To have your personal data transferred to another company under certain circumstances.

     

  22. To complain to your national data protection regulator if you feel that your personal data has been unlawfully processed.

     

     

    7. For How Long Do We Retain Your Personal Data?

     

    We retain your personal data only for as long as is necessary for our relationship with you, in accordance with our retention policies, and in accordance with applicable laws. We do not collect more personal data than we need to fulfill our purposes stated in this privacy policy, and we will not retain it for longer than is necessary.

     

    8. Links to Third-Party Sites

     

    Our website may include links to other sites operated by third parties. We are not responsible for information on these sites, nor for services or products offered by them. Use of such sites, including transmitting your personal data to them, is at your own risk. You should check the privacy policies (and other applicable terms and conditions) of these third-party sites.