The Catastrophe Risk Exchange, Inc. (“CATEX”) is a reinsurance/insurance software and business process outsourcing firm that provides its clients and customers with transaction and processing support and that abides by the Safe Harbor Principles of the United States Department of Commerce.
CATEX respects the individual privacy of its clients and customers (and their clients and customers), employees, business partners and others who may use CATEX’s services. In all cases CATEX treats personal information in a manner consistent with the laws of the countries in which CATEX does business, but it also aims to uphold the highest applicable ethical standards in all its business activities.
"Personal information" means any information or set of information that is transferred from the EU to the United States, is recorded in any form, pertains to or is about any individual, and can be linked to or used to identify that individual. Personal information does not include information that is encoded, anonymized, or publicly available information that has not been combined with non-public personal information. Personal information does not include information that pertains to or is about a specific individual, but from which that individual could not reasonably be identified.
THE PRIVACY PRINCIPLES
CATEX’s operations and processing of personal information conform to the following Safe Harbor Privacy Principles as stated below under the heading of each principle.
Notice and Choice To the extent permitted by the Safe Harbor Agreement, CATEX reserves the right to process personal information in the course of providing professional services to CATEX’s clients and customers without the knowledge of individuals involved. If and when CATEX collects personal information directly from individuals in the EU, CATEX directs its own clients to inform them about the types of personal information such clients collect from them, the purposes for which CATEX’s clients collects and uses such information that is transmitted to CATEX, and the types of non-agent third parties to which CATEX discloses that information. CATEX directs its clients to inform those individuals about the choices and means, if any, that CATEX offers to limit the use or disclosure of their information.
Disclosures and Transfers
CATEX will not disclose an individual's personal information to third parties, except when one or more of the following conditions is true:
CATEX has the individual's permission to make the disclosure;
The disclosure is required by law or professional standards;
The information in question is publicly available;
The disclosure is reasonably necessary for the establishment or defense of legal claims; or
The disclosure is to another CATEX entity or to persons or entities providing services on CATEX’s or the individual's behalf (each a "transferee"), consistent with the purpose for which the information was obtained, if the transferee, with respect to the information in question:
is subject to law providing an adequate level of privacy protection;
has agreed in writing to provide an adequate level of privacy protection; or
subscribes to the Safe Harbor Principles.
Permitted transfers of information, whether to third parties or within CATEX, include the transfer of data from one jurisdiction to another, including transfers to and from the U.S. Because privacy laws vary from one jurisdiction to another, personal information may be transferred to a jurisdiction where the laws provide less or different protection than the jurisdiction in which the information originated.
To prevent unauthorized access or disclosure, to maintain data accuracy, and to ensure the appropriate use and confidentiality of information, either for its own purposes or on behalf of its clients, customers and business partners, CATEX has put in place and rigorously enforces appropriate physical, electronic, and managerial procedures to safeguard and secure the information that CATEX processes. However, CATEX cannot guarantee the security of information on or transmitted via the Internet.
CATEX processes personal information only in ways compatible with the purpose for which it was collected or subsequently authorized by the individual. To the extent necessary for such purposes, CATEX takes reasonable steps to make sure that personal information is accurate, complete, current, and otherwise reliable for its intended use.
Access and Correction
If an individual becomes aware that information CATEX maintains about that individual is inaccurate, or if an individual would like to update or review that individual’s information, the individual may contact CATEX using the contact information below. In every case, CATEX will take reasonable steps to permit individuals to correct, amend, or delete information that is demonstrated to be inaccurate. The individual seeking to amend such information will need to provide sufficient identifying information, such as name, address, birth date, and social security number. CATEX may request additional identifying information as a security precaution. In addition, CATEX may limit or deny access to personal information where providing such access would be unreasonably burdensome or expensive in the circumstances, or as otherwise permitted by the Safe Harbor Agreement. In some circumstances, CATEX may charge a reasonable fee, where warranted, for access to personal information.
Enforcement and Dispute Resolution
Any claim arising out of or relating to CATEX’s adherence to the EU Data Directive, or the breach thereof, that cannot be resolved through CATEX’s internal processes, will be settled by arbitration administered by the American Arbitration Association (“AAA”) in accordance with its applicable commercial rules. Any arbitrator will be either an attorney or retired judge having significant and recognized experience with and knowledge of privacy issues and information technology. The arbitration panel should apply New Jersey law, without regard to its conflict of laws principles, as well as the Safe Harbor Enforcement Principles issued by the U.S. Department of Commerce. In addition, the exclusive location for such arbitration will be Princeton, New Jersey. All decisions of the arbitration panel will be final and binding on the parties, which waive any right to appeal the arbitration award further, to the extent an appeal may be lawfully waived.
CATEX is also subject to the jurisdiction of the New York Department of Insurance.
INFORMATION SUBJECT TO OTHER POLICIES OR STANDARDS
Office of the Chief Executive
475 Wall Street
Princeton, NJ 08540
For additional information about the U.S.-EU & U.S.-Swiss Safe Harbor Frameworks of the U.S. Department of Commerce please see http://www.export.gov/safeharbor