Privacy Policy

The Catastrophe Risk Exchange, Inc. (“CATEX”, “we”, “us” or “our”) complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. CATEX has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF. CATEX has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) Program, and to view our certification, please visit https://www.dataprivacyframework.gov/.

SCOPE: We Since we are generally a processor of information collected and controlled by others, it is our customers who collect and control the data stored and processed on our systems (e.g. data, documents, etc.). To the extent that we merely process information on behalf of our customers, we may instead rely upon such customers, as controllers of data, to comply with underlying legal requirements with respect to such processing, to the extent permitted under the Principles.

DATA PROCESSED: We may provide data cleanup and input services for our customers to enhance their business processes. These services consist of data submitted to us by our customers which we are instructed to process on their behalf. While we do not control what data we receive, it typically includes items such as contact information, insurance premiums and claims data.

PURPOSE OF DATA PROCESSING: We process data submitted by our customers for the purpose of providing them the information required to offer and service insurance contracts. To fulfill this purpose, we may process personal data submitted to us by our customers to provide such services or in response to contractual or legal requirements.

INQUIRIES AND COMPLAINTS: In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, CATEX commits to resolve DPF Principles-related complaints about our use of your personal information. EU and UK individuals and Swiss individuals with inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF should first contact CATEX at:

Office of the Chief Executive
619 Alexander Rd
STE 201
Princeton, NJ 08540
USA

THIRD PARTIES WHO MAY RECEIVE PERSONAL DATA: We may use a limited number of third party service providers to assist us in providing services to our customers or to meet internal business needs. These providers may provide services such as systems hosting, incident management and other technical operations. These third parties may access, process, or store personal data in the course of providing their services. We maintain contracts with these third parties to restrict their access, use, and disclosure of personal data in compliance with our DPF obligations, and we may be liable for such parties if they fail to meet these obligations. We do not otherwise disclose personal data.

RIGHTS TO ACCESS AND LIMIT USE OF DATA: Individuals located in the EU, EEA, or Switzerland, if applicable, have rights to access personal data about them, and to limit the use and disclosure of such data. We take our privacy obligations extremely seriously, and have committed to respect these rights. Because our personnel have limited ability to access data submitted to us by our customers, if you wish to request access to, or to limit use or disclosure of data, please provide the name of the party who submitted your data to our services, and state whether it was yourself or a third party. We will refer your request to that third party, if appropriate, and reasonably support them in responding to your request.

DISPUTE RESOLUTION: In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, CATEX commits to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF to International Centre for Dispute Resolution (“ICDR”), an alternative dispute resolution provider based in the United States. If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit https://go.adr.org/dpf_irm.html for more information or to file a complaint. The services of International Centre for Dispute Resolution (“ICDR”) are provided at no cost to you.

FEDERAL TRADE COMMISSSION: CATEX is subject to the investigatory and enforcement powers of the Federal Trade Commission.

BINDING ARBITRATION: Individuals should be aware that, under certain conditions, they may invoke binding arbitration. CATEX is obligated to arbitrate claims and follow the terms as set forth in Annex I of the DPF Principles, provided that an individual has invoked binding arbitration by delivering notice to CATEX and following the procedures and subject to conditions set forth in Annex I of Principles.

CERTAIN REQUIRED DISCLOSURES: CATEX is required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Inquiry

    Start typing and press Enter to search

    Shopping Cart