Notice to citizens of the European Union under the General Data Protection Regulation (“GDPR”)
Riverwood Claims Management, Inc. may collect personal data in the course of insurance claim investigations. This personal data may include, but is not limited to, names, addresses, telephone numbers, and criminal histories for individuals who are relevant to the claims we investigate.
We obtain this data through sources such as publicly available police reports, site inspections, and personal interviews. In some instances, individuals must provide personal data to comply with the terms of their insurance policies, as well as to fulfill other legal requirements.
We conduct investigations for clients such as insurance companies and self-insured businesses. When appropriate, we provide personal information obtained in our claim investigations to our clients. This data is necessary for our clients to evaluate the insurance claims we investigate. In some instances, our clients are based in the United Kingdom and other foreign countries, although most of our clients are based in the United States. Additionally, regulators and parties in lawsuits sometimes obtain the data we collect through subpoenas and other legally enforceable orders.
In storing and transferring this data, our company complies with SOC 1 and SOC 2 security standards. We retain the data for time periods in line with the relevant statutes of limitations as well as industry standards for data preservation.
Depending on the circumstances, we collect and process personal data for the following lawful bases:
- We receive consent to process the data.
- Processing the data is necessary for the performance of a contract the data subject is a party to or will be a party to.
- Processing the data is necessary for us to fulfill our legal obligations.
- Processing the data is necessary to protect the legal interests of the data subject or another natural person.
- Processing the data is necessary for the public interest.
- Processing the data is necessary to protect the legitimate interests of our company and its clients.
In some instances, citizens of the European Union may have the following rights with respect to their personal data:
- The right to access their personal data in order to recertify the data, erase the data, or object to the processing of the data.
- The right to withdraw consent for retention of the personal data.
- The right to lodge a complaint with a supervisory authority.
- The right to know the source of personal data and whether it originates from publicly accessible sources.
Contact Information
If users have any questions or suggestions regarding this GDPR Privacy Notice, please contact:
Bill Thomasson, Data Protection Officer
4875 Avalon Ridge Parkway
Peachtree Corners, GA 30071
Tel: 770-263-6800
Fax: 770-368-3392
E-mail: MISManager@riverwoodtpa.com
Or
Tim Johns, IT Operations Manager
4875 Avalon Ridge Parkway
Peachtree Corners, GA 30071
Tel: 770.368.3351
Email: MISManager@riverwoodtpa.com