Privacy Policy

Last Updated: April 24, 2024

At United States Fire Insurance Company t/a Crum & Forster and its affiliated companies within Crum & Forster (“Crum & Forster”, “we”, “our”, and “us”), the protection of the information we collect about you is important to us. This privacy policy (“Privacy Policy”) applies to any websites (including www.cfins.com, our “Website”) and any related products and services, including any associated interactive features, widgets, plug-ins, applications, content, downloads and other services we may offer to you that posts a link to this Privacy Policy (collectively, the “Services”), regardless of how you access or use them, whether via personal computer, browser, laptop, tablet, mobile phone or other device (each a “Device”). This Privacy Policy covers how Crum & Forster collects, uses, shares, and processes personal and other ‎information and data of users of our Services unless an affiliate has a different privacy policy, in which case, that privacy policy shall describe that affiliate’s collection, use and sharing of personal information. To the extent that we provide you with notice through our Services of different or additional privacy policies or practices (e.g., at the point of collection), those additional privacy policies shall govern such data collection and use.

By using or accessing our Services or by submitting information to Crum & Forster, you consent to the terms of this Privacy Policy.

In addition to reading this Privacy Policy, please review our Terms of Use, which governs your use of our Services.If you do not agree to our Terms of Use and the collection, use and sharing of your information as detailed in this Privacy Policy, please do not access or otherwise use our Services or any information or content accessible on our Services.

We reserve the right to change this Privacy Policy at any time, and we will post a notice or inform you of any such ‎changes on our Website. Your use of our Services following the posting of an updated Privacy Policy constitutes your acceptance of such updated Privacy Policy. We reserve the right to apply the amended terms to the information that we have already collected, subject to any legal constraints. We will not, however, use your previously collected Personal Information in a manner materially different than represented at the time of collection. To the extent any provision of this Privacy Policy is found by a competent tribunal to be invalid or unenforceable, such provision shall be severed to the extent necessary for the remainder to be valid and enforceable.

Please note that this Privacy Policy applies only to our information-gathering, use, and ‎dissemination practices in connection with our Services. This Privacy Policy does not apply to ‎any of our information practices conducted separately by Crum & Forster outside of our Services.‎

This Privacy Policy is written in the English language. We do not guarantee the accuracy of any ‎translated versions of this Privacy Policy. To the extent any translated versions of this Privacy ‎Policy conflict with the English language version, the English language version of this Privacy ‎Policy shall control.‎

Table of Contents

1.  Information Collection.

We collect information from you in several ways, including when you choose to share information with us by entering it through our Services and by using automated processes. We also collect information about your transactions with us, such as any information you submit to us through our Services.

(a) Information You Provide.

We may ask you and you may choose to provide certain “Personal Information” to us, which is information that identifies you personally, such as your first and last name, e-mail address, mailing and billing addresses, government identification numbers, policy number, date of birth, social security number, job title, marital status, employment information, telephone number, customer service requests, application, quote, and claim information, and information about relationship to a policy holder, insurer, or claimant. If you submit a claim online, you may also provide a description of the claim that may include health and medical information, and other personal information included in your description. Please note that we use a third-party payment processor and so we do not store information about your payment card when you submit an online payment. If you choose to submit a claim online, we may require you to provide additional information, such as information about your insurance policy, including the policy number, and information about the harm suffered and the circumstances, causes, reasons, and events that led you to make an insurance claim. This information you submit may also include posts, comments, photos, messages, feedback, and other content you generate. We may collect this information in a variety of places, including claim submission forms, through our Services in its various forms including any applications, and through our bill payment platform.

(b) Information About Third Parties.

By submitting Personal Information about any third party, you represent and warrant to Crum & Forster that you have the consent of the third party to do so, and that the information you submit is factually accurate.

(c) Automated Information Collection.

In addition to any information that you choose to submit to us via our Services, we and our third-party service providers may use a variety of technologies that automatically (or passively) store or collect certain information whenever you visit or interact with our Services (“Usage Information”). This Usage Information may be stored or accessed using a variety of technologies that may be downloaded to your Device whenever you visit or interact with our
Services. To the extent we associate Usage Information with your Personal Information we collect directly from you through our Services, we will treat it as Personal Information.

This Usage Information may include:

• your IP address, UDID or other unique identifier (“Device Identifier”). A Device Identifier is a number that is automatically assigned to your Device used to access our Services, and our computers identify your Device by its Device Identifier;
• your Internet Service Provider (ISP);
• your Device functionality (including browser, operating system, hardware, mobile network information);
• the URL that referred you to our Services;
• the areas within our Services that you visit and your activities there, including remembering you and your preferences;
• your Device location;
• your Device characteristics; and
• certain other Device data, including the time of day, among other information.

Tracking Technologies. We may use various methods and technologies to store or collect Usage Information (“Tracking Technologies”). Tracking Technologies may set, change, alter or modify settings or configurations on your Device. A few of the Tracking Technologies include, without limitation, the following (and subsequent technology and methods later developed):

• Cookies. A cookie is a data file placed on a Device when it is used to visit our Services. HTML5 cookies can be programmed through HTML5 local storage.
• Web Beacons. Small graphic images or other web programming code called web beacons (also known as “1×1 GIFs” or “clear GIFs”) may be included in our the pages and messages of our Services. Web beacons may be invisible to you, but any electronic image or other web programming code inserted into a page or e-mail can act as a web beacon. Web beacons or similar technologies may be used for a number of purposes, including, without limitation, to count visitors to our Services, to monitor how users navigate our Services, to count how many e-mails that were sent were actually opened or to count how many particular articles or links were actually viewed.
• Embedded Scripts. An embedded script is programming code that is designed to collect information about your interactions with our Services, such as the links you click on. The code is temporarily downloaded onto your Device from our web server or a third-party service provider, is active only while you are connected to our Services and is deactivated or deleted thereafter.
• Browser Fingerprinting. Collection and analysis of information from your Device, such as, without limitation, your operating system, plug-ins, system fonts and other data, for purposes of identification.
• ETag, or Entity Tag. A feature of the cache in browsers. It is an opaque identifier assigned by a web server to a specific version of a resource found at a URL. If the resource content at that URL ever changes, a new and different ETag is assigned. Used in this manner ETags are a form of Device Identifier. ETag tracking may generate unique tracking values even where the consumer blocks HTTP, and/or HTML5 cookies.
• Recognition Technologies. Technologies, including application of statistical probability to data sets, which attempt to recognize or make assumptions about users and devices (e.g., that a user of multiple devices in the same user)

Tracking Technologies Usage. We may use Tracking Technologies for a variety of purposes, including:

• Strictly Necessary. We may use cookies or other Tracking Technologies that we consider are strictly necessary to allow you to use and access our Services, including cookies required to prevent fraudulent activity and improve security.
• PerformanceRelated. We may use cookies or other Tracking Technologies that are useful in order to assess the performance of our Services, including as part of our analytic practices or otherwise to improve the content, products or services offered through our Services.
• FunctionalityRelated. We may use cookies or other Tracking Technologies that are required to offer you enhanced functionality when accessing our Services, including identifying you when you signin to our Services or keeping track of our specified preferences, including in terms of the presentation of content on our Services.
• TargetingRelated. We may use Tracking Technologies to deliver content relevant to your interests on our Services and third-party sites based on how you interact with our content. This includes using Tracking Technologies to understand the usefulness to you of the content that has been delivered to you.
• Session Replay / Pixel Tracking. We also rely on Tracking Technologies for purposes of session replay and pixel tracking, which collect Information that tracks your interactions with our Services, including mouse movements, text, heatmap data, and other information associated with your visit to our site. This information is used to help us improve our site and better provide you with information you are interested in when you visit our site. For more information about how these technologies process your information,
  please review our vendor’s site here: https://logrocket.com/https://logrocket.com/.

2. Use of Collected Information.

We may use the information that we collect from you to process transactions, and provide products, services, and information to you. We may use your information to process your applications, payments, to adjust claims, provide loss control services, to inform underwriting, and to provide you with information that may be of interest to you. We may anonymize or aggregate your information for marketing and actuarial purposes. We may also use your information to process your account registration and to enable you to use certain features of our Services. We may also use the information that we collect to evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us is among the assets transferred. We may also use the information that
we collect to customize your experience on our Services, to better tailor our product offerings, to improve our Services and the content provided on and through our Services, to provide customer support, to enforce our Terms of Use, to meet our legal obligations or to inform a legal proceeding, and to provide you with content or advertisements that may be of interest to you. We may also use the information we collect from you for additional purposes with your consent.

3. Information Sharing.

We may share the information that we collect from you, including Personal Information, with third parties for a variety of purposes. For example, we may share information with service providers who assist us in our business operations. We may also share information where required by law or to satisfy any applicable law, regulation, subpoena, government request, or other legal process. We may also share information with third parties, including law enforcement, to protect our Services and to enforce our Terms of Use. We also reserve the right to share the information that we collect with our subsidiaries and affiliates for marketing and other business purposes and with any subsequent owner in the event of a merger, consolidation, sale of our assets, or other change in our business, including during the course of any due diligence process.

(a) Co-Branded Areas.

We may provide certain parts of our Services in association with third parties, such as promotional partners or affiliates. These “co-branded areas” will identify the third party. If you choose to use these co-branded areas, we may share your information with the identified third party, and that third party may also collect information from you, in addition to the information that we collect, as described above. You should review the privacy policies of those identified third parties to understand how they collect and use information.

(b) Links to Third-Party Web sites.

Our Services may include links to third-party websites or other online services. We are not responsible for these other sites and services, and they may collect and use information about you. You should review the privacy policies for such third parties before using their sites or services to understand how they collect and use information.

(c) Third-Party Tracking and Do Not Track.

Third parties may use tracking technologies in connection with our Services, which may include the collection of information about your online activities over time and across third-party websites. This Privacy Policy does not apply to these third-party technologies because we may not control them and we are not responsible for them. Do Not Track is a technology that enables users to opt out of tracking by websites they do not visit. Currently, we do not monitor or take any action with respect to Do Not Track technology.

(d) Analytic Services and Targeted Ads. 

We use third-party analytics services, like Google Analytics, to collect, monitor and analyze data we collect through our Services to better understand how our Services are used and to improve its functionality. These services may track details about your online activities over time and across different websites. These services may also allow us and others to provide you with targeted advertisements or other content that you may be interested in based on your online activities.

The Google Analytics service tracks and reports website traffic and provides us insight into behavior information relating to visitor age, gender and interests. Google Analytics Demographics and Interest Reporting give us insight into behavior to help us understand browsing behavior and give you a better experience when you visit our website. You can opt-out of Google Analytics for Display Advertising and customize Google Display Network ads using the Ads Settings.

These third-party services have their own privacy policies addressing how they use such information. We recommend you review their privacy policies. If you want to prevent your data from being used by Google Analytics, you may wish to take advantage of Google Analytics’ currently available opt-outs for the web.

If you would like to learn more about targeted ads that may be based on your online activities, and the choices that you may exercise for certain sites and advertisers, you may wish to visit the Network Advertising Initiative or the Digital Advertising Alliance.

4. Information Protection.

We use commercially reasonable and industry standard security technologies and safeguards to protect the information that we collect and use. For example, we use Secure Sockets Layer (SSL) for our registration and ordering functions, and we utilize a PCI-certified service provider to process payment card payments. We also expect our service providers to protect information in the same manner. However, no data transmission over the Internet, mobile networks, wireless transmission or electronic storage of information can be guaranteed 100% secure. Please note that we cannot guarantee the security of any information you transmit to us.

5. Users Outside of the United States.

If you are from a non-U.S. country, please be aware that the personal information you submit, including information provided through our Services, is being sent to a location in the United States. The data protection laws in the United States are likely different from those of the country in which you are located, and your personal information may be subject to access requests from governments, courts, or law enforcement in the United States according to laws of the United States. By providing such personal information through the Services, you are consenting to (and represent that you have authority to consent to), the transfer of such information to the United States for the uses and purposes described in this Privacy Policy. Without limiting the above, for the avoidance of doubt we do not have an establishment or target ‎people in the EEA or UK.

6. Social Security Protection Policy Statement‎

It is our policy to protect the confidentiality of Social Security numbers (SSNs) ‎from ‎misuse ‎and improper disclosure by maintaining and enforcing physical, ‎‎‎electronic, and procedural ‎‎safeguards. We prohibit unlawful disclosure of ‎SSNs, and limit access to SSNs to our ‎personnel ‎who need access to SSNs in ‎order to perform their job functions. We do not ‎disclose SSNs to ‎third parties ‎except where required or ‎‎permitted by law.‎

7. Children’s Privacy.

Our sites and applications are intended for general audiences, and we do not knowingly seek or collect personal information from children under the age of eighteen (18). In accordance with the Child Online Privacy Protection Act, in the event that we learn that we have collected personal information from a child under age thirteen (13) without verification of parental consent, we will delete that information as quickly as possible. If you believe that we might have any personal information from or about a minor, please contact us at CFGeneralCounsel@cfins.com.

8. Your California Privacy Rights

If you are a resident of California, you have additional rights under California law. Please review ‎‎our California Consumer Privacy Act Privacy Policy for ‎‎more information about additional rights under California law.‎

Residents of California may also, under §1798.83, known as the “Shine The Light” law, request ‎‎and obtain from us, once a year and free of charge, information about categories of personal ‎‎‎information (if any) we disclosed to third parties for direct marketing purposes and the names ‎‎and ‎addresses of all third parties with which we shared personal information in the immediately ‎‎preceding ‎calendar year. If you are a California resident and would like to make such a request, ‎‎please submit your ‎request clearly in writing to us using the contact information provided below.

9. Other Notices of Privacy and Information Practices.

The federal Gramm-Leach-Bliley Act and a variety of U.S. state privacy laws require Crum & Forster to provide a notice of privacy and insurance information practices to certain U.S. consumers who obtain an insurance product or service for personal, household, or family use.  That notice provides additional information regarding Crum & Forster’s privacy practices and is available here.

10. Contact Us.

If you have any questions about our privacy policy or comments on our Services or become aware of misuse of our Services by any person, please contact us at:

Crum & Forster
Attn: General Counsel
P.O. Box 1973
305 Madison Avenue
Morristown, NJ 07962
CFGeneralCounsel@cfins.com