Your privacy is very important to us. We are committed to protecting and safeguarding your data privacy rights.
This Privacy Notice (this "Notice") explains how A.M. Best Company, Inc., as well as any of our subsidiaries, affiliates and related entities (collectively, "AM Best," "we," or "us") uses the personal information of business partners (i.e., customers, suppliers, and/or sub-suppliers) and visitors of AM Best's premises and websites.
We have drafted this Notice in an easy and comprehensible way in order to help you understand: who we are, what personal information we collect about you, why, for how long, and what we do with it. Please keep in mind that "personal information" under this Notice may also be referred to as: “data,” “personal data” or “personally identifiable information.”
This Notice does not intend to replace or modify terms in any existing license agreement or service agreement between AM Best and you, if any. Yet, in the event of an inconsistency between this Notice and an existing agreement – as it pertains to any privacy and data protection related matters – such existing agreement shall control. In the event of a conflict between this Notice and any applicable local laws and/or regulations, and only to the extent such local laws and/or regulations require a higher level of protection for your personal information, such applicable local laws and/or regulations shall prevail.
Though we make every effort to preserve your privacy, we may need to disclose personal information to third parties under certain circumstances discussed below (Sections 8 and 9) or when required by law.
Please note that if we decide to change our Notice, we will post these changes on the Website and in any other place we deem appropriate. Please check this Notice periodically for updates.
This Notice is applicable to the processing of individuals' personal information by AM Best. As described in Section 1 above, the term "individuals" under this Notice covers customers, suppliers, sub-suppliers and visitors of AM Best's premises and the Website.
Please be aware that whenever the local legislation requires a higher level of protection for personal data, it will take precedence over this Notice – and, thus, apply in the respective situation.
The Website is intended for users who are 18 years of age or older. No one under age 18 may provide any personal information to or on the Website. We do not knowingly collect personal information from children under 18. If you are under 18, do not (i) use or provide any information on the Website or on or through any of its features, (ii) register on the Website, (iii) make any purchases through the Website, (iv) use any of the interactive or public comment features of the Website, or (v) provide any information about yourself to us, including your name, address, telephone number, email address, or any screen name or user name you may use. If we learn we have collected or received personal information from a child under 18 without verification of parental consent, we will take appropriate steps to delete that information. If you believe we might have any information from or about a child under 18, please contact us by visiting Section 14 of this Notice.
California residents under 16 years of age may have additional rights regarding the collection of their personal information. Please see Section 12 below for more information.
AM Best is the world's first credit rating agency. Our Company's purpose is to strengthen the overall financial condition and operating performance of the insurance industry through our work in credit ratings and information services.
For further information regarding our contact details, please visit Section 14 below.
If you wish to obtain more information about the contact details of AM Best's affiliate companies, please visit the Offices page on the Website.
Personal data means any information – or set of information – relating to an identified or identifiable natural person. An "identifiable natural person" is a person who can be identified, directly or indirectly, in particular by reference to an identifier such as:
Personal data excludes anonymous or de-identified data that is not associated with a particular individual.
Depending on who you are (i.e., a customer, supplier, sub-supplier, and/or visitor of the Website) and how you interact with us (e.g., online, offline, over the phone, via emails, and/or through our systems, tools, platforms, etc.), we may process the following personal data about you:
Categories of data
Personal identification data
Name, surname, alias, signature, title, date of birth, Social Security number, driver's license or state identification card number, passport number, or other similar identifiers
Email address, telephone number, shipping address
Account log-in data
Information from AM Best tools, systems and applications, where you hold a profile, such as: usernames, passwords and/or other security codes
Demographic / Profile Information*
Information from AM Best user accounts
Credit card number, bank account number, debit card number, or any other financial information
Preferred ways to be contacted by us through our My Account and/or initial email communication with you
On premise information relating to you
Information about you, collected through our closed-circuit television (CCTV) recordings and physical access control
Interaction data with AM Best (and its affiliates)
Questions, complaints, correspondence with us
Information from screening/background checks via our screening tools and/or public records
Other information that you have voluntarily shared with AM Best (and its affiliates)
Feedback, reviews, comments, and/or any other information provided by you to help us perform our due diligence assessment
AM Best will only process special categories of data ("sensitive data") for specified purposes, and, where you have given your explicit consent, it is necessary, required in accordance with applicable legislation or you have deliberately made it public.
The following constitute sensitive data:
In the exceptional cases where AM Best will process this type of personally identifiable information, our Company will provide you with notice and obtain your prior express consent to lawfully process the sensitive data involved, except as otherwise permitted or required by applicable law or regulation.
Stringent safeguards also apply to the processing of personal data relating to criminal convictions and offenses. AM Best will only process this type of information in exceptional circumstances (if any) and after respecting all appropriate safeguards and applicable legal requirements. If you have any further questions in this regard, please contact us by visiting Section 14 of this Notice.
AM Best processes your personal information for the purposes outlined below:
Secondary use of personal data: We will only process your personal data for the purposes we originally collected it or for compatible secondary purposes where it is lawful to do so. This means that we may process your personal information for a further use or purpose – but only as long as the secondary purpose is compatible with the original purpose and where data was collected on the basis of a legitimate interest, a contract or vital interest. A compatibility assessment will be performed by our Privacy team in this regard, otherwise your consent will be requested. An example of a secondary purpose is the further processing of your personal data for statistical analysis.
* Marketing Activities: We may periodically send you information that we think you may find interesting. In particular, we may use your personal information for sending you promotional communications about our products, services, events, special offers (or deals) – as well as communications for our market surveys and/or any AM Best updates.
Such communications may be sent to you via different channels (e.g., via postal mail, email, or over the phone) and in accordance with your preferences and the applicable data protection legislation.
In line with our Notice, you have the option not to receive these types of communications. Please see Section 12 below for more information concerning your rights (and, in particular, your "right to object" and/or "opt-out" from this kind of processing).
When required by applicable law, we will ask your consent before starting the above-mentioned activities. You always have the right to withdraw your consent from a processing at any time and without detriment (e.g., extra charges or severe negative consequences inflicted upon you due to your withdrawal). Please visit Section 12 below for further information about your rights.
Please note that even if you choose not to receive marketing communications, you might still receive administrative, service and transaction communications from us (e.g., technical and/or security updates, order confirmations, and other important notices).
California residents may have additional personal information rights and choices. Please see Section 12 below for more information.
Nevada residents who wish to exercise their sale opt-out rights under Nevada Revised Statutes Chapter 603A may submit a request to us by visiting Section 12.1 of this Notice. However, please know we do not currently sell data triggering that statute's opt-out requirements.
We may rely on the following legal bases – namely, justified reasons – for processing your personal information:
We do not share your personal data except in the limited cases described in this Section.
To be more specific, if it is necessary for the fulfillment of our Purposes (in line with Section 6 above), we may disclose your personal information to the following entities/parties:
We may also disclose your personal data for the following additional purposes where permitted or required by applicable law:
Please be aware that AM Best does not sell your personal data to anyone.
AM Best is a global company. In order to provide you with the best service and carry out the purposes described in this Notice (Section 6 above), we may transfer your data internationally to our AM Best entities and/or our third parties that are located in the United States, the European Economic Area ("EEA"), or other countries.
In the event that EEA data is transferred outside the EEA, we are required to ensure that such transfers will take place using certain legal mechanisms (or "transfer tools"). We will therefore, only transfer EEA data outside the EEA if:
If you are a customer, supplier, sub-supplier, and/or Website visitor of A.M. Best América Latina, S.A. de C.V., by using the Website or by sharing personal data with us, you consent to the international transfer of information to countries outside of your residence, including international transfers to all of AM Best’s affiliate companies and/or our third parties that are located in the United States, the EEA, and/or other countries to carry out the purposes described in this Notice (Section 6 above).
Except as otherwise permitted or required by applicable law or regulation, AM Best retains your information only for as long as necessary to serve the purposes described in Section 6 above.
As soon as the pertinent retention period lapses, your personal data will be securely deleted or anonymized. Under some circumstances we may anonymize your personal data so that it can no longer be associated with you. We reserve the right to use such anonymous and de-identified data for any legitimate business purpose without further notice to you or your consent.
The criteria used by us to determine our retention periods include:
The security and confidentiality of your personal information is important to us. AM Best has implemented appropriate (and reasonable) physical, technical and organizational security measures to protect your personal information.
Some of the safeguards we use include data encryption of any information of sensitive nature you submit (such as a credit card number) and physical access controls to our data centers.
Moreover, we limit access to your data on a business need-to-know basis and we have data processing agreements in place, as well as policies and procedures to deal with any (potential) data breaches, data subject requests, etc. As discussed in Section 9 above, appropriate legal mechanisms (i.e., transfer tools) are used in the case of data transfers too.
The General Data Protection Regulation ("GDPR"), the California Consumer Privacy Act (“CCPA”), the Federal Law on Protection of Personal Data Held by Private Parties (“FLPPDPP”) and other data protection legislations give you specific rights that help you be in control of your personal data. In particular, your rights under data protection laws include:
California's "Shine the Light" law (Civil Code Section § 1798.83) also permits users of the Website that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please contact us by visiting Section 14 of this Notice.
Under certain cases, a minimum set of personal data will still be retained by us. In particular, we might need to keep some data longer due to legal requirements – or, for instance, in the case of your "right to object" and/or "opt-out', we will need to keep track of who opted-out from the relevant processing operation.
To exercise your rights regarding your personal data under this Section 12, please fill out this form to submit your request
For other queries, you can contact our Privacy Office (for contact information, please visit Section 14 below). We may request specific information from you to help us confirm your identity and your right to access, and to provide you with the personal data that we hold about you or make your requested changes. Applicable law may allow or require us to refuse to provide you with access to some or all of the personal data that we hold about you, or we may have destroyed, erased, or made your personal data anonymous in accordance with our record retention obligations and practices. If we cannot provide you with access to your personal data, we will inform you of the reasons why, subject to any legal or regulatory restrictions. In the event you are not satisfied with the reply received, you also have the right to lodge a complaint with the competent supervisory authority in your jurisdiction.
If the GDPR, CCPA or FLPPDPP is not applicable to your situation, you can consult our Privacy Office for additional guidance. Please check whether the data subject right you wish to exercise can actually be invoked in the legal order you belong to – or ask us for further clarification in this regard.
Please note that the scope, applicability and exemptions for each and every data subject right may significantly vary from jurisdiction to jurisdiction (and, thus, the legal consequences thereof).
If you have any questions and/or concerns about this Notice or the way AM Best uses your data, please contact our Privacy Office at Privacy@ambest.com – or write to us at the following address:
Attn: Privacy Office
Oldwick, NJ 08858
For more information about the contact details of AM Best's affiliate companies please visit the following link.
Last Reviewed December 7, 2021