World Access, Inc. and its subsidiaries, including Jefferson Insurance Company and World Access Service Corp., d/b/a Mondial Assistance USA, are committed to protecting your privacy. By using our products, services or website, you are consenting to our collection and use of your data under this Policy.

Definitions

1. Personal Data. "Personal Data" means non-public personal information that identifies an individual. It doesn't include data that is encoded, anonymized or aggregated.
   
   
2. Sensitive Data. "Sensitive Data" means personal information about an individual's race or ethnicity; political, religious, ideological or trade union memberships, opinions, views or activities; medical conditions; sexuality; or administrative or criminal proceedings that are treated outside pending proceedings. In addition, Sensitive Data includes information we receive from a third party who treats and identifies the information as sensitive.
   
   
3. Agent. "Agent" means any third party that collects or uses Personal Data to perform tasks on our behalf, or our underwriters.

Privacy Practices

We strive to comply with the laws of the countries in which we do business regarding the protection of your Personal Data, including the EU Directive on Data Protection. In an effort to comply with such laws, we have joined the U.S. Department of Commerce's EU Safe Harbor and Swiss Safe Harbor programs (collectively, "Safe Harbor"), and we adhere to the following principles for handling your Personal Data:

1. Notice: We collect Personal Data from you including information: (i) from forms, such as application or claim forms; or by telephone, email or correspondence; (ii) that is necessary to complete your transaction with us (e.g. to underwrite coverage or process claims); (iii) regarding your transactions with us or others; (iv) we receive from a consumer reporting agency; or (v) you authorize us to collect from others.
   
   We collect your Personal Data: (i) to offer or sell you our travel insurance and assistance products or provide you with information or services for such products; (ii) to administer these products for you, including but not limited to adjudicating claims or fraud prevention; or (iii) for purposes to which you've otherwise consented.
   
   When you use our website, we collect your IP address and other data about your usage. We also use Google, Inc.'s Google Analytics service, which uses cookies (text files on your computer) to transmit your IP address and other website usage data. Google stores and aggregates to analyze such usage and create reports for us. We, our affiliates and our Agents only use such website usage data and such Google reports for website improvement and Payment Card Industry (PCI) compliance. You can refuse cookies by disabling them in your browser.
   
   If we collect your Personal Data for any other reason, we'll notify you before using or disclosing that data, stating our purpose for collecting and using the data, the types of non-Agent third parties to which we disclose the data, and the means we offer you to limit the use and disclosure of the data. If we receive Personal Data from any entity in the EU, we'll use that data according to the instructions such entity gives us regarding notices it provided and the choices made by the individuals to whom such data relates.
   
   
2. Choice. Except as required by law, we do not share, sell or otherwise disclose your Personal Data to non-Agent third parties or use it for any purpose other than for which it was originally collected or as you subsequently authorize. However, if ever we wish to do so, we will offer you the opportunity to choose not to permit us to use your Personal Data ("opt-out") by sending an appropriately detailed request to the address provided below. In the event that we wish to disclose your Sensitive Data to a non-Agent third party or use such data for a purpose other than for which it was originally collected or as you subsequently authorize, we will provide you the affirmative, explicit choice of whether you wish to permit such disclosure ("opt-in").
   
   Though we make every effort to preserve your privacy, we may need to disclose Personal Data or Sensitive Data if we have a good-faith belief that it is necessary to (a) protect or defend our or your rights or property; or (b) comply with any applicable law or regulation, judicial or other mandate. In any such case, we will take reasonable care to disclose only as much Personal Data as is necessary.
   
   
3. Onward Transfer. We may disclose your Personal Data to our Agents, but only for the above-stated purposes. We will take reasonable steps to obtain assurances from our Agents that they will safeguard your Personal Data consistent with this Policy. Upon discovery, we will take reasonable steps to stop the Agent from using or disclosing Personal Data that is contrary to this Policy.
   
   
4. Security. We take reasonable precautions to protect your data from loss, misuse, or unauthorized access, disclosure, alteration and destruction. To help maintain the security of your data, we employ physical, electronic and procedural safeguards, including utilizing policies to take reasonable precautions to (a) securely and confidentially maintain your Personal Data; (b) assess and protect against threats/hazards to the security or integrity of such data; and (c) prevent unauthorized access to or use of such data. To make your online transaction with us as safe and secure as possible, we use advanced encryption technology and treat your credit card information and other Personal Data with the highest standard of confidentiality and safety.
   
   
5. Data Integrity. To help maintain the integrity of your data, we will take reasonable steps to ensure that Personal Data is reliable for its intended use, relevant, accurate, complete and current.
   
   
6. Access. If you discover that the data we hold about you is inaccurate or incomplete, please let us know by contacting us as indicated below. We will grant you reasonable access to the Personal Data we hold about you and will take reasonable steps to allow you to correct, amend or delete your Personal Data that you show to be inaccurate or incomplete, so long as it can be done without imposing an undue burden or expense on us.
   
   
7. Enforcement. We verify our compliance with the Safe Harbor and the terms of this Policy by conducting a periodic self-assessment. Any complaint or dispute about how we handle your Personal Data should be directed to the address provided below. We will investigate and attempt to resolve any such complaints or disputes internally; however, if we are unable to reach a mutually satisfactory resolution for such complaint or dispute, we have agreed to participate in the dispute resolution procedures administered by the European data protection authorities' Safe Harbor dispute panel.

Links

Our websites may provide links to non-affiliated third party websites. Be aware when visiting such websites that we are not responsible for and make no representations regarding the content, privacy policies and practices (security or otherwise) regarding these or any other third party websites. You should read the policies of the websites you visit to understand their policies for the collection and treatment of data.

Changes to Policy

This Policy reflects our business practices and is not a contract. We may amend this Policy at any time and will notify you of any updates by posting a revised policy on our website. The revised policy will apply to all information collected by us, including previously collected information, to the extent permissible under the Safe Harbor. Your continued use of our website, products or services following any such amendment shall constitute acceptance of the revised policy. You are responsible to regularly review this Policy.

Contact

Questions or comments regarding this Policy or the way that we collect or handle your Personal Data should be submitted to our Chief Privacy Officer either by e-mail at privacy@mondialusa.com or by regular mail at the following address: Mondial Assistance USA, ATTN: Chief Privacy Officer, 2805 N. Parham Rd., Richmond, VA 23294.

Effective Date

This policy was last revised on, and is effective as of, June 22, 2009.