7. Data Accuracy
Euler Hermes recognizes the importance of maintaining accurate and up-to-date personal information. In compliance with the Personal Information Protection and Electronic Documents Act (PIPEDA), we have implemented measures to ensure the accuracy of the data we collect, use, and disclose.
Our Data Accuracy Measures Include:
1. Regular Updates:
We encourage individuals to provide accurate and complete information when interacting with us. We regularly review and update personal information to ensure it remains current, especially when changes are communicated to us by individuals.
2. Verification Processes:
We employ verification processes to confirm the accuracy of personal information at the point of collection. This includes cross-referencing data with reliable sources and requesting additional documentation when necessary.
3. User Access:
Individuals have the right to access their personal information and request corrections if inaccuracies are identified. We provide mechanisms for individuals to review and update their information, ensuring it reflects their current situation.
4. Employee Training:
Our employees receive training on the importance of data accuracy and their role in maintaining accurate records. They are equipped with the knowledge and tools necessary to verify information and make corrections when required.
5. Data Integrity Checks:
Automated systems and manual reviews help ensure that data remains accurate and reliable.
6. Feedback Mechanisms:
We welcome feedback from individuals regarding the accuracy of their personal information. We have established channels for individuals to report inaccuracies, and we take prompt action to investigate and rectify any issues.
7. Third-Party Data:
When obtaining data from third parties, we take steps to ensure its accuracy and reliability.
8. Continuous Improvement:
We continuously assess and enhance our data accuracy measures, incorporating best practices and technological advancements to improve our processes.
8. Retention
We retain personal data for as long as it is relevant to the contractual relationship and necessary to achieve the purposes for which it was collected, or to fulfill our legal obligations, or to the extent permitted by law to protect our legitimate business and legal interests, for example, to defend legal claims. We then delete your personal data.
9. Data Security
Euler Hermes is committed to safeguarding the personal information of our customers, partners, visitors, and employees. In compliance with the Personal Information Protection and Electronic Documents Act (PIPEDA) and other applicable regulations, we have implemented comprehensive security measures to protect personal information against unauthorized access, disclosure, sale, alteration, and destruction.
Our Security Measures Include:
1. Physical Safeguards:
Access to our facilities is restricted to authorized personnel only. We employ security measures such as locked file cabinets, secure storage rooms, and surveillance systems to protect physical records containing personal information.
2. Organizational Safeguards:
We have established policies and procedures to ensure that personal information is handled securely within the organization. All employees receive regular training on privacy and data protection to maintain awareness and understanding of their responsibilities.
3. Technological Safeguards:
We use advanced technological solutions to protect electronic data. This includes encryption, firewalls, secure access controls, and intrusion detection systems. Regular audits and assessments are conducted to ensure the effectiveness of these measures.
4. Access Controls:
Personal information is accessible only to employees who require it to perform their job duties. We implement role-based access controls and authentication mechanisms to ensure that access is granted appropriately and securely.
5. Data Minimization:
We collect and retain personal information only as necessary for the purposes identified in our privacy notice. Data minimization practices help reduce the risk of unauthorized access or disclosure.
6. Incident Response:
In the event of a data breach or security incident, we have a comprehensive incident response plan in place. This includes immediate containment measures, notification procedures, and steps to mitigate any potential harm.
7. Third-Party Security:
When engaging third-party service providers, we ensure they adhere to equivalent security standards. Contracts and agreements include provisions for data protection and confidentiality.
8. Continuous Improvement:
We regularly review and update our security measures to reflect evolving threats and technological advancements. Feedback from audits and assessments is used to enhance our security posture.
Euler Hermes takes the protection of personal information seriously and is dedicated to maintaining robust security measures. We are committed to transparency and accountability in our privacy practices.
10. Residents of California
The California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) provide consumers (California residents) with specific rights regarding their personal information. The section below describes these rights.
Access to Specific Information and Data Portability Rights
You have the right to request that Euler Hermes disclose certain information to you about our collection and use of your personal information over the past twelve months. Once we receive and confirm your verifiable consumer request, we will disclose to you, in a portable format:
- The categories of personal information we collected about you.
- The sources for the personal information we collected about you.
- Our business or commercial purposes for collecting that personal information.
- The categories of third parties with whom we share that personal information.
- The specific pieces of personal information we collected about you.
Correction of information
You have the right to request the correction of your information within the rights provided by the CCPA. A request for correction of inaccurate personal information can be made using the contact information listed in section 12.
Deletion of information
You have the right to request the deletion of your information within the rights provided by the CCPA. The right to deletion does not apply where the retention of personal information is needed to perform any of the following:
- Provide goods or services to you;
- Detect or resolve security or functionality-related issues;
- Comply with the law;
- Conduct research in the public interest;
- Safeguard the right to free speech; or
- Conduct any actions for internal purposes that you might expect
Non-Discrimination
Euler Hermes will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:
- Deny you goods or services.
- Charge you different prices or rates for goods or services, including through granting discounts, rebates, or other benefits, or imposing penalties.
- Provide you a different level or quality of goods or services.
- Suggest that you may receive a different price or rate for goods or services or a different level of quality of goods or services.
Limitation of use
You have the right to request we limit the use and disclosure of your sensitive personal information, or to opt out of the sale of your personal information using the contact information in section 12.
Exercising your rights
Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information. You may only make a verifiable consumer request for access or data portability twice within a twelve-month period. A verifiable consumer request must:
- Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative, and
- Describe your request with sufficient detail that allows us to properly understand, evaluate and respond.
We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
11. Citizens of the European Union
Euler Hermes is a “data controller” as defined by applicable laws and regulations (specifically, the EU General Data Protection Regulation). This means that Euler Hermes is the legal entity in control of the personal data it collects and is required by law to ensure policies, processes and procedures are in place to safeguard this data and respect the rights of the individuals whose data is collected.
When providing our customers with trade-related credit solutions, we may collect information about you and your company to assess and monitor our own risk and to collect debts. We collect information from third parties or publicly available information. Additionally, we might collect information that you directly disclose to us.
Please click here to access the full privacy notice for Euler Hermes Group.
12. How to exercise your rights
If you have questions about our privacy practices or your personal data, including taking actions listed in this privacy notice, you can contact David Dienesch, our designated Privacy Officer responsible for ensuring compliance with PIPEDA, using the following methods:
Only you, or a person legally authorized to act on your behalf, may make a verifiable consumer request related to your personal information. A verifiable consumer request must:
- Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative, and
- Describe your request with sufficient detail that allows us to properly understand, evaluate and respond.
We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
Process for managing requests:
Upon receiving your request, our Privacy Officer will initiate an investigation into the matter. We aim to resolve all complaints promptly and fairly. During the investigation, we may contact you for additional information or clarification to ensure a thorough understanding of your concern.
After completing the investigation, we will inform you of the outcome and any actions taken to address the issue. If necessary, we will update our policies or practices to ensure compliance with PIPEDA and other relevant provincial regulations.
If you are not satisfied with the resolution provided by Euler Hermes, you have the right to escalate your complaint to the Office of the Privacy Commissioner of Canada. The Commissioner can be contacted at www.priv.gc.ca or by telephone at 1-800-282-1376.
We value your feedback and view it as an opportunity to improve our privacy practices. All requests, complaints and challenges are documented and reviewed to identify trends and areas for improvement in our policies and procedures.
Our privacy practices and this privacy notice are reviewed at least once every twelve months for compliance with evolving regulations. We will ensure the most recent version of the privacy notice is available here. This privacy notice was last updated on May 1, 2025.