Skip to content

PICA Privacy Policy

Effective July 1, 2024

1. INTRODUCTION

This Policy describes how We obtain and use personal data (which can be used to identify a specific individual) and anonymous data (which can’t) about Our users. Certain provisions of the Policy, which are clearly labelled, apply only to residents of the European Union or the state of California. We need some Personal Data about you (i.e., email for account creation, name and address information to perform mailing and/or verify payments) in order to provide you certain products and services (the “Services”). We try to limit this as much as possible.

a. Who We are:

The “We” in this document means ProAssurance Corporation and its affiliated companies (the “ProAssurance Companies” or the “Company”). A list of those companies and programs may be found at: Investor.ProAssurance.com. To simplify the reading of this document, We could also describe ourselves as the "Company," “Us” or “Our.”  We have adopted this policy as of its effective date and are publishing it so you may understand how We may use the information gained, collected or processed about you.

b. Information We collect:

We collect information from you when you visit Our websites, including, but not limited to, ProAssuranceGroup.comProAssurance.com, PICAGroup.com, Medmarc.com, EasternAlliance.com, NORCAL-Group.com, and PPMRRG.com,  (each, Our "Website") or when you upload forms or information to Our Website.

We also collect information when you fill out paper forms such as underwriting applications or send Us paper correspondence.  Some of the information you supply can be transcribed or scanned into databases or other information repositories that We maintain.

c. This policy applies to information We collect:

  • On this Website; in email, text, and other electronic messages between you and this Website; and when you interact with applications we utilize on third-party websites and services if those applications include links to this Policy (collectively referred to as Our “Online Services”); and.     
  • Information you provide in paper format.

It does not apply to any other information:

  • We collect by any other means, including on any other website We operate or one operated by a third party; or
  • Collected by a third party including, through any application or content (including advertising) that may link to or be accessible from the Website.

d. EU and California Specific Provisions:

Certain provisions of the Policy apply only to residents of the European Union (the “EU”) or residents of the state of California and are clearly labeled as such. Otherwise, the Policy applies to all users of our Services, regardless of location.

2. Use of our online services or submission of information on paper to us is considered acceptance of these terms.

Please read this Policy carefully to understand Our policies and practices regarding your information and how We will treat it. If you do not agree with our policies and practices, your choice is not to use Our Online Services. By accessing or using the Online Services, you agree to this Privacy Policy. This policy may change from time to time (see Changes to Our Privacy Policy). Your continued use of the Online Services after We make changes is deemed to be acceptance of those changes, so please check the policy periodically for updates.

3. Children Under the Age of 16

Our Website is not intended for children under 16 years of age. No one under age 16 may provide any information to or on the Website. We do not knowingly collect personal information from children under 16. If you are under 16, do not use or provide any information on this Website or through any of its features, register or create an account on the Website, use any of the interactive or public comment features of this Website, or provide any information about yourself to Us, including your name, address, telephone number, email address, or any screen name or user name you may use. If We learn We have collected or received personal information from a child under 16 without verification of parental consent, We will delete that information. If you believe We might have any information from or about a child under 16, please contact Us at PrivacyPolicy@ProAssurance.com.

California residents under 16 years of age may have additional rights regarding the collection and sale of their personal information. Please see Your California Privacy Rights for more information.

4. What is Personal Data? 

As used in this Policy, “Personal Data” means information that identifies, relates to, describes, or can reasonably be linked, directly or indirectly, to a specific individual, such as name, mailing address, email address, IP address or telephone number. It does not include information that is anonymous, de-identified, or aggregated. By contrast, “Anonymous Data” means any data that, alone or combined with other information available to Us or a third party, does not permit identification of an individual. We collect both Personal Data and Anonymous Data as set forth below.

5. Information We Collect About You and How We Collect It

We collect several types of information from and about users of Our Online Services. In particular, we collect and process the following categories of Personal Data:

Category

Examples

A. Identifiers.

A real name, alias, postal address, telephone number, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, taxpayer identification numbers, driver’s license number, passport number, signature, or other similar identifiers.

B. Insurance information.

Insurance policy numbers, information surrounding claims, notice of claims and coverage determinations, letters of credit, credit instruments, debt information, actuarial information including pricing, or premiums and loss analysis.

C. Protected classification characteristics under state or federal law.

Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).

D. Commercial information.

Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.

E. Biometric information.

Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.

F. Internet or other similar network activity.

Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.

G. Geolocation data.

Physical location or movements.

H. Sensory data.

Audio, electronic, visual, thermal, olfactory, or similar information.

I. Professional or employment-related information.

Current or past job history or performance evaluations, documents prepared in the context of the hiring process such as job applications, resumes, certifications, and educational or training records, professional licensing numbers, or National Practitioner Identifier (“NPI”) numbers.

J. Non-public education information.

Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.

K. Inferences drawn from other personal information.

Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

L. Sensitive personal information.

Social Security number, driver’s license number, state identification card number, passport number, account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account, precise geolocation, racial or ethnic origin, religious or philosophical beliefs, union membership, genetic data, medical information and records, health insurance information, contents of a consumer’s mail, email, and text messages, biometric information processed for the purpose of uniquely identifying a consumer, health information, sex life information, and sexual orientation information.


We collect this information:

  • Directly from you when you provide it to Us.
  • From an agent or broker acting on your behalf.
  • From licensing or regulatory entities.
  • From third party organizations that provide financial, marketing and business analytics.
  • From entities associated with claims in which you are a party.
  • From peer review documents. 
  • Automatically as you navigate through the Online Services. Information collected automatically may include usage details, IP addresses, and information collected through cookies and other tracking technologies.

Information You Provide to Us

The information We collect on or through Our Online Services may include:

  • Information that you provide by uploading or filling in forms on Our Online Services. This includes information provided at the time of registering to use Our Online Services, subscribing to Our service, posting material, submitting information relating to a claim or loss, or requesting further services. We may also ask you for information when you report a problem with Our Online Services and this information may be preserved, including any telephone conversation you may have with Our employees.
  • Records and copies of your correspondence (including email addresses), if you contact us.
  • Your responses to surveys that We might ask you to complete for research purposes.
  • Your search queries and download history on the Online Services.
  • Information you supply to Us in connection with the preparation of an insurance quote.

6. Information We Collect Through Automatic Data Collection Technologies

As you navigate through and interact with Our Online Services, We may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, including:

  • Details of your visits to Our Online Services, including traffic data, location data, logs, and other communication data and the resources that you access and use on the Online Services.
  • If you visited other ProAssurance Companies’ websites, We will place a cookie associated with that company and use it to associate any information you supplied that company with any other ProAssurance Company website you may visit to minimize any data you may have to enter. No personal information is stored on that cookie.
  • Information about your computer and internet connection, including your IP address, operating system, and browser type.

Google Analytics.  We use Google Analytics to understand how you and others navigate on our web site. Pursuant to our agreement with Google, certain information about you is gathered by their software. A description of how Google uses this information can be found at Google.com/Policies/Privacy/Partners. Google updates this policy from time to time so you should periodically review this site.

The information We collect automatically is only statistical data and does not include personal information. It helps Us to improve Our Online Services and to deliver a better and more personalized service, including by enabling Us to:

  • Estimate Our audience size and usage patterns.
  • Store information about your preferences, allowing Us to customize Our Online Services according to your individual interests.
  • Speed up your searches.
  • Recognize you when you return to Our Online Services.

The technologies We use for this automatic data collection may include:

  • Cookies (or browser cookies). A cookie is a small file placed on the hard drive of your computer. You may refuse to accept browser cookies by activating the appropriate setting on your browser; however, if you select this setting you may be unable to access certain parts of Our Online Services. Unless you have adjusted your browser setting so that it will refuse cookies, Our system will issue cookies when you direct your browser to Our Online Services.
  • Web Beacons. Pages of Our Online Services and our e-mails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the Company, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).

7. Why Do We Need Your Personal Data?

We need certain Personal Data in order to provide you with certain products and Services. You will be asked to provide this information — and by doing so demonstrate that you agree to this Policy and its Terms. This consent, which you may withdraw at any time, provides Us with the legal basis We need to process your Personal Data. If you do not agree to this Policy, you may not use Our Services.

8. Particularly Important Information (EU Users Only)

a. Who We Are: For the purpose of the GDPR, the data controller of your Personal Data is ProAssurance of 100 Brookwood Place, Suite 300, Birmingham, AL 35209. You may contact Us at PrivacyPolicy@ProAssurance.com.

b. Must Read Sections: Please carefully review the sections entitled “Data Security and International Transfer” and “Your Rights Regarding Personal Data.”

9. How We Use Your Information

We never sell Our users’ Personal Data. To provide the Services, We share Personal Data with service providers who are contractually obliged to comply with all applicable laws (i.e., GDPR and other data privacy laws) and who only have access to the Personal Data required for them to provide the relevant Services. We may share Personal Data among our various affiliates, all of whom are bound by this Policy, and with an acquirer if We are sold or merged. Finally, We can disclose Personal Data where required by law or where We believe it is necessary to protect our rights or those of Our other users.

We use information that We collect about you or that you provide to Us, including any personal information:

  • To present Our Online Services and its contents to you.
  • To provide you with information, products, or services that you request from Us.
  • To fulfill any other purpose for which you provide it.
  • To provide you with notices about your account, including expiration and renewal notices; claims status; cancellation; non-renewal; and expiration notice.
  • To issue certificates of insurance to providers of services that you direct Us to send
  • To carry out Our obligations and enforce Our rights arising from any contracts entered into between you and Us, including for billing and collection.
  • To notify you about changes to Our Online Services or any products or services We offer or provide through it.
  • To advise you about risk management seminars or new trends in risk management
  • To allow you to participate in interactive features on Our Online Services.
  • To promote the products and services or send you other marketing information. EU users must actively choose to receive marketing communications. Users elsewhere (and those in the EU who have previously opted in) may always elect to stop receiving such communications.
  • In any other way We may describe when you provide the information.
  • For any other purpose with your consent.

We may also use your information to contact you about Our own goods and services that may be of interest to you. For more information, see Choices About How We Use and Disclose Your Information.

10. Disclosure of Your Information

We may disclose your Personal Data to the following categories of third parties:

  • ProAssurance Companies. ProAssurance Corporation and its subsidiaries and affiliates may have access to and use of Personal Data in connection with the conduct of our business where appropriate.
  • Other insurance and distribution parties. In the course of marketing and providing our products and services, We may make Personal Data available to third parties such as other insurers; reinsurers; insurance and reinsurance brokers and other intermediaries and agents; appointed representatives; distributors; affinity marketing partners; and financial institutions, securities firms, and other business partners.
  • Service providers. External third-party service providers, such as accountants, actuaries, auditors, experts, lawyers and other outside professional advisors; IT systems, support and hosting service providers; printing, advertising, marketing and market research and analysis service providers; banks and financial institutions that service our accounts; document and records management providers; claim investigators and adjusters; engineers; examiners; jury consultants; translators; and similar third-party vendors and outsourced service providers that assist us in carrying out business activities.
  • Governmental authorities and third parties involved in court action. We may also share Personal Data with governmental or other public authorities (including, but not limited to, courts, law enforcement, tax authorities and criminal investigations agencies); and third-party civil legal process participants and their accountants, auditors, lawyers and other advisors and representatives as we believe to be necessary or appropriate: (a) to comply with applicable law; (b) to comply with legal process; (c) to respond to requests from public and government authorities; (d) to enforce our terms and conditions; (e) to protect our operations; (f) to protect our rights, privacy, safety or property, and/or that of you or others; and (g) to allow us to pursue available remedies or limit our damages.
  • Other third parties. We may share Personal Data with payees; emergency providers (including police); medical networks, organizations, and providers; credit bureaus; credit reporting agencies; and other people involved in an incident that is the subject of a claim; as well as purchasers and prospective purchasers or other parties in any actual or proposed merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding. 

We may disclose personal information that We collect or you provide as described in this Privacy Policy:

  • To fulfill the purpose for which you provide it.
  • For any other purpose disclosed by Us when you provide the information.
  • To verify that you are a customer of ProAssurance in circumstances where you have indicated this to a third party and they are seeking confirmation.
  • With your consent.
  • To comply with any court order, law, or legal process, including to respond to any government or regulatory request.
  • To enforce or apply our terms of use (ProAssurance.com/Legal-Disclaimer) and other agreements, including for billing and collection purposes.
  • If We believe disclosure is necessary or appropriate to protect the rights, property, or safety of ProAssurance, Our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.

We may disclose the following categories of Personal Data with third parties:

  • Category A: Identifiers.
  • Category B: Insurance information.
  • Category C: Protected classification characteristics under state or federal law.
  • Category D: Commercial information.
  • Category E: Biometric information.
  • Category F: Internet or other similar network activity.
  • Category G: Geolocation data.
  • Category H: Sensory data.
  • Category I: Professional or employment-related information.
  • Category J: Non-public education information.
  • Category K: Inferences drawn from other personal information.
  • Category L. Sensitive personal information.

We may disclose aggregated information about Our data subjects in Our systems, and information that does not identify any individual, without restriction.

11. Data Security and International Transfer (EU Users Only)

We strive to protect the safety and security of all data in our possession, including Personal Data, through a variety of means, and We continually work to improve and update these practices. However, We cannot and do not guarantee the security of Personal Data We process. As noted elsewhere in this Policy, Personal Data may be transferred to jurisdictions with less strict privacy and related regulations than those in your home country, including the U.S., but We employ technical and other measures that comply with EU regulations to protect Personal Data belonging to EU residents when processed in the U.S.

We use physical, technical and administrative measures to safeguard Personal Data. While We strive to protect your Personal Data, no method of data transmission or storage is totally secure; therefore, We cannot guarantee the security of Personal Data in Our control. If you believe that any of your Personal Data may have been compromised by Us or the use of the Services, please contact Us immediately at PrivacyPolicy@ProAssurance.com.

Your information, including Personal Data that We collect from you, may be transferred to, stored at and processed by Us, our Affiliates and service providers outside your home country, including in the United States, where data protection and privacy regulations may not offer the same protections as in other parts of the world. When We do so, We will take the steps described in this Policy, which are designed to ensure that all Personal Data We or our vendors process (regardless of where it originates) is handled as required by the EU. By using the Services, you agree to the transfer, storing or processing of your data in accordance with this Policy.

12. Choices About How We Use and Disclose Your Information

You have choices regarding the personal information you provide to Us and there are mechanisms to provide you with the following control over your information:

  • Tracking Technologies and Advertising. You can set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent. To learn how you can manage your Flash cookie settings, visit the Flash player settings page on Adobe's website. If you disable or refuse cookies, please note that some parts of this site may then be inaccessible or not function properly.

We do not control third parties' collection or use of your information to serve interest-based advertising. However these third parties may provide you with ways to choose not to have your information collected or used in this way. You can opt out of receiving targeted ads from members of the Network Advertising Initiative ("NAI") on the NAI's website.

13. Accessing and Correcting Your Information

You can review and change your personal information by logging into the Website and visiting your account profile page.

You may also send Us an email at PrivacyPolicy@ProAssurance.com to request access to, correct or delete any personal information that you have provided to Us. We cannot delete your personal information except by also deleting your user account. We may not accommodate a request to change information if We believe the change would violate any law or legal requirement, cause the information to be incorrect or if We need to maintain the information for a legitimate business purpose.

14. Your Rights and Choices

Depending on your location, you may have rights in addition to those described in this Policy, such as the right to access copies of your Personal Data, the right to request that your Personal Data be deleted, the right to opt of the use of your Personal Data for sale or targeted advertising, and the right to appeal a decision We’ve made not to take action on a request.

To exercise your consumer privacy rights, please submit a verifiable consumer request to us by either:

15. Your California Privacy Rights (CA Users Only)

If you are a California resident, there may be laws that provide you with additional rights regarding our use of your personal information. To learn more about your California privacy rights, please visit our Privacy Notice for California Residents, which can be found at ProAssuranceGroup.com/privacy-policy/ca.

16. Your Rights Regarding Personal Data in the European Union (EU Users Only)

The GDPR grants EU residents certain rights regarding their Personal Data, including the right to access and modify Personal Data held by providers, and to have providers “forget” Personal Data that is no longer relevant. In some cases, you may exercise these rights from within the Services, but you may always contact Us to do so as well. Please include information about which rights you are seeking to exercise if you contact us. We may need to verify your identity before fulfilling your request.

We do not solicit or do business in Europe, but some of Our insureds and individuals associated with our business do reside in Europe and from time to time We receive job applications through Our Website from residents of Europe.  If you are a resident of Europe, you have the following rights with respect to your Personal Data that We process:

  • Withdraw Consent: You may withdraw your consent to Our processing of your Personal Data, in whole or in part (i.e., for marketing purposes). Certain Services may be ineffective upon opt out.
  • Access: You may access the Personal Data We hold about you at any time via your Account or by contacting Us directly.
  • Modification: You may modify the Personal Data We hold about you at any time via your Account or by contacting Us directly.
  • Erase and Forget: In certain situations, for example when the Personal Data We hold about you is no longer relevant or accurate, you can request that We erase your Personal Data.
  • Portability: You may request a copy of your Personal Data and may always move it to other entities as you desire.

If you wish to exercise any of these rights, please contact Us at PrivacyPolicy@ProAssurance.com or as set forth below. In your request, please make clear: (i) what Personal Data is concerned; and (ii) which of the above rights you would like to enforce. For your protection, We may only implement requests with respect to the Personal Data associated with the email address you send your request from, and We may need to verify your identity before implementing your request. We will try to comply with your request as soon as reasonably practicable, but in any event within thirty (30) days of your request. We may need to retain certain information for recordkeeping purposes or to complete any transactions that you began prior to requesting such change or deletion.

17. Changes to Our Privacy Policy

It is our policy to post any changes We make to our privacy policy on this page with a notice that the privacy policy has been updated on the Website home page. If We make material changes to how We treat Our users' personal information, We will notify you by one of the following means: email to the primary email address specified in your account, first class postal mail or through a notice on the Website home page. The date the Privacy Policy was last revised is identified at the top of this page. You are responsible for ensuring We have an up-to-date active and deliverable email and physical addresses for you, and for periodically visiting our Website and this Privacy Policy to check for any changes.

18. Employee Personal Data (EU Users Only)

We commit to cooperate with the panel established by the EU data protection authorities (DPAs) and comply with the advice given by the panel regarding human resources data transferred from the EU in the context of the employment relationship. Please contact Us to be directed to the relevant DPA contacts at PrivacyPolicy@ProAssurance.com.

19. Contact Information; Complaints

If you have questions, concerns, or complaints about this Policy or Our data collection or processing practices, or if you want to report any security violations, please contact Us at PrivacyPolicy@ProAssurance.com or by writing the address below:

ProAssurance Corporation
Attn: Legal Department
100 Brookwood Place, Suite 300
Birmingham, AL 35209

EU Users Only. We hope to resolve any complaint brought to Our attention promptly; however, if your complaint has not been adequately resolved, you may always contact your local data protection supervisory authority, a list of which is available here: EDPB.Europa.eu/About-EDPB/Board/Members_en.

 
Get a Quick Quote