Generali Global Assistance, Inc., dba Iris® Powered by Generali
Privacy Policy

Effective as of August 14, 2023 

Generali Global Assistance, Inc., dba Iris® Powered by Generali (“Iris”) values the privacy of our users and others who visit and use any Iris website, mobile application, and associated services (the “Services”). This statement (the “Privacy Policy”) governs information provided to us by you as a user of the Services, or that we learn from your use of the Services. BY ACCESSING, BROWSING, OR USING THE SERVICES, YOU ACKNOWLEDGE THAT YOU HAVE RECEIVED, READ, UNDERSTOOD, AND AGREE TO BE BOUND BY THE FOLLOWING PRIVACY POLICY AND ANY UPDATES TO IT. 

Personal Information 
Information you provide to us.  Personal information you may provide to us through the Services or otherwise when contacting us includes:

  •  Contact data, such as your first and last name, address, phone number, and email address.
  • Communications that we exchange with you, including when you contact us through the Services.
  • Financial data, such as payment card data.
  • Marketing data, such as your preferences for receiving our marketing communications and details about your engagement with them.
  • Other data not specifically listed here, which we will use as described in this Privacy Policy or as otherwise disclosed at the time of collection.

Automatic data collection.  We, our service providers, and our business partners may automatically log information about you, your computer or mobile device, and your interaction over time with the Services, such as:

  • Device data, such as your computer’s or mobile device’s operating system type and version, manufacturer and model, browser type, screen resolution, RAM and disk size, CPU usage, device type (e.g., phone, tablet), IP address, unique identifiers (including identifiers used for advertising purposes), language settings, mobile device carrier, radio/network information (e.g., Wi-Fi, LTE, 3G), and general location information such as city, state or geographic area.
  • Online activity data, such as pages or screens you viewed, how long you spent on a page or screen, the website you visited before browsing the Iris website, navigation paths between pages or screens, information about your activity on a page or screen, access times and duration of access, and whether you have opened our emails or clicked links within them.
  • Location data when you authorize the Services to access your device’s location.


Cookies and similar technologies. Some of our automatic data collection is facilitated by cookies and similar technologies:

  • Cookies, which are small text files that websites store on user devices and that allow web servers to record users’ web browsing activities and remember their submissions, preferences, and login status as they navigate a site. Cookies used on our Services include both “session cookies” that are deleted when a session ends, “persistent cookies” that remain longer, “first party” cookies that we place, and “third party” cookies that our third-party business partners and service providers place.
  • Local storage technologies, like HTML5, that provide cookie-equivalent functionality but can store larger amounts of data on your device outside of your browser in connection with specific applications.
  • Web beacons, also known as pixel tags or clear GIFs, which are used to demonstrate that a webpage or email address was accessed or opened, or that certain content was viewed or clicked. 

How We Use Personal Information
Iris may use your personal information collected through the Services for various purposes, including:

  • Sending you goods and services purchased;
  • Communicating with you, including responding to your requests for information, sending you our email newsletter, and other inquiries;
  • Improving the Services, facilitating your user experience, and improving performance;
  • Monitoring the Services and analyzing usage trends and user activities;
  • Preventing, investigating, identifying, or taking other actions with regard to suspected or actual fraudulent or illegal activity or activities that violate our policies;
  • Complying with applicable laws, regulations, legal processes, industry standards, and our company policies; and
  • For any other purpose with your consent.

How We Share Personal Information

  • Affiliates. Our corporate parent, subsidiaries, and affiliates, for purposes consistent with this Privacy Policy.
  • Service providers.  Third parties that provide services on our behalf or help us operate the Services or our business (such as hosting, information technology, customer support, email delivery, marketing, consumer research, and website analytics).
  • Professional advisors. Professional advisors, such as lawyers, auditors, bankers and insurers, where necessary in the course of the professional services that they render to us.
  • Authorities and others. Law enforcement, government authorities, and private parties, as we believe in good faith to be necessary or appropriate for the compliance and protection purposes described above.
  • Business transferees. Acquirers and other relevant participants in business transactions (or negotiations of or due diligence for such transactions) involving a corporate divestiture, merger, consolidation, acquisition, reorganization, sale or other disposition of all or any portion of the business or assets of, or equity interests in, Iris or our affiliates (including, in connection with a bankruptcy or similar proceedings).
  • Third parties designated by you. We may share your personal information with third parties where you have instructed us or provided your consent to do so.

Your Choices
Access or update information. If your personal information changes, or if you no longer desire to have a relationship with us, you may correct or update by emailing legal@us.generaliglobalassistance.com. We will respond to your request within a reasonable timeframe.

Opt-out of marketing communications.  You may opt-out of marketing-related emails by following the opt-out or unsubscribe instructions at the bottom of the email, or by contacting us.  Please note that if you choose to opt-out of marketing-related emails, you may continue to receive service-related and other non-marketing emails.  

Do Not Track.  Some Internet browsers may be configured to send “Do Not Track” signals to the online services that you visit.  We currently do not respond to “Do Not Track” or similar signals.  To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com.

Children
The Services is not intended for use by anyone under thirteen (13) years of age. Consistent with the Children’s Online Privacy Protection Act of 1998 (COPPA), Iris will never knowingly request information from anyone under the age of thirteen (13) without requiring parental consent. IF YOU ARE UNDER THIRTEEN (13) YEARS OF AGE, THEN PLEASE DO NOT USE OR ACCESS THE SERVICES AT ANY TIME OR IN ANY MANNER.  If you believe the personally identifiable information of anyone under the age of thirteen (13) has been provided to Iris, and you are the parent or guardian of that individual, you may contact us to request that we delete any such personally identifiable information, at legal@us.generaliglobalassistance.com.

Retention
We retain personal information for as long as necessary to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements, to establish or defend legal claims, or for fraud prevention purposes. To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements. When we no longer require the personal information we have collected about you, we will either delete or anonymize it or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible. If we anonymize your personal information (so that it can no longer be associated with you), we may use this information indefinitely without further notice to you.

Security
We maintain various physical, electronic and procedural safeguards designed to protect the personal information we collect. However, security risk is inherent in all internet and information technologies and we cannot guarantee the security of personal information.

Note to International Visitors
We are headquartered in the United States and may use service providers that operate in other countries. Therefore, by using the Services or contacting us from outside of the United States, you acknowledge that your personal information may be transferred to or stored in the United States where we are established, as well as in other countries outside of the United States. Such countries may have data protection rules that are different and less protective than those of your country.

Third-Party websites
The Services may contain links to websites and other online services operated by third parties. These links are not an endorsement of, or representation that we are affiliated with, any third party and we cannot control, and take no responsibility for, the content or privacy practices of such third-party websites or online services operated by third parties. We encourage you to review the privacy policy and any other applicable terms for such third-party websites or online services operated by third parties.

Changes and Updates to this Privacy Policy
Iris reserves the right to modify this Privacy Policy at any time. Any modifications to this Privacy Policy will be effective upon our posting the modified version (or as otherwise indicated at the time of posting). In all cases, your use of the Services after the effective date of any modified Privacy Policy indicates your acceptance of the modified Privacy Policy.

Data protection registration
Our partner SentryBay Ltd is registered as a data controller with the UK Information Commissioner's Office. Our provider, SentryBay Ltd, is registered under the UK Data Protection Act.

How to contact us