Sign into your Account
If you are a new user, click on the button below and follow the instructions.
If you are a new user, click on the button below and follow the instructions.
Website Privacy Notice
Last Updated: August 2020
This privacy notice describes how Acclaris (the “Company,” “we,” “us,” or “our”) handles personal information collected through this website and other websites we control that link to this privacy notice (the “Websites”), as well as related to our products and services. Acclaris is an affiliate of Willis Towers Watson which operates worldwide through subsidiary and affiliate companies. A list of the Willis Towers Watson group companies (collectively, "Willis Towers Watson," "we," "us," or "our") can be viewed here. Both Willis Towers Watson and Acclaris are committed to privacy and to transparency in our information practices.
Categories of personal information we collect
How we use personal information
Name, contact information and other identifiers: identifiers such as a real name, alias, address, unique personal identifier, online identifier, Internet Protocol (IP) address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers.
Providing support and services and operating our websites
Analyzing and improving our business
Personalizing content and experiences
Advertising, marketing and promotional purposes
Securing and protecting our business
Defending our legal rights
Auditing, reporting, corporate governance, and internal operations
Complying with legal obligations
Customer records: paper and electronic customer records containing personal information, such as name, signature, physical characteristics or description, address, telephone number, education, current employment, employment history, social security number, passport number, driver’s license or state identification card number, insurance policy number, bank account number, credit card number, debit card number, or any other financial or payment information, medical information, or health insurance information.
Protected classifications: characteristics of protected classifications under California or federal law such as race, color, sex, age, religion, national origin, disability, citizenship status, and genetic information.
Biometric information: physiological, biological or behavioral characteristics that can be used alone or in combination with each other to establish individual identity, including DNA, imagery of the iris, retina, fingerprint, faceprint, hand, palm, vein patterns, and voice recordings, keystroke patterns or rhythms, gait patterns or rhythms, and sleep, health, or exercise data that contain identifying information. (to the extent permitted and subject to applicable laws)
Usage data: internet or other electronic network activity Information including, but not limited to, browsing history, search history, and information regarding a consumer’s interaction with an Internet website, application, or advertisement.
Geolocation data: precise geographic location information about a particular individual or device.
Audio, video and other electronic data: audio, electronic, or similar information such as call recordings.
Employment history: professional or employment-related information.
Profiles and inferences: Inferences drawn from any of the information identified above to create a profile reflecting a resident’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, or aptitudes.
Individual rights. Please see the Individual Rights and Choices section below for a description of the choices we provide and the rights you have regarding your personal information. If you are a California resident, please be sure to review the section Additional information for California Residents below for important information about the categories of personal information we collect and disclose and your rights under California privacy laws.
This privacy notice describes, generally, how Acclaris handles and processes personal information related to:
Our collection, use and disclosure and processing of personal information about individuals will vary depending upon the circumstances. This privacy notice is intended to describe our overall privacy and data protection practices. In some cases, different or additional notices about our data collection and processing practices may be provided and apply to our processing of certain personal information.
Personal information. In this privacy notice, our use of the term “personal information” includes other similar terms under applicable privacy laws—such as “personal data” and “personally identifiable information.” In general, personal information includes any information that identifies, relates to, describes, or is reasonably capable of being associated, linked, or linkable with a particular individual.
Not covered by this notice. This privacy notice does not apply to job applicants and candidates who apply for employment with us through or to our employees and non-employee workers whose personal information is subject to different privacy notices which are provided to such individuals in the context of their employment or working relationship with Acclaris or a Willis Towers Watson group entity.
2. Controller and Responsible Group Entities
When providing Services to clients, we may receive or collect your personal information from or on behalf of our client. In this scenario, we will only process personal information on behalf of and subject to the instructions of our clients (who, from a privacy law perspective, are controllers or businesses with respect to the personal information we process on their behalf). Where we are acting as a “service provider” or “processor,” our clients’ privacy notices (and not this one) will apply to and control the processing of personal information.
Where we act in our capacity as a controller for personal information, for the purposes of the GDPR and other relevant applicable laws:
Services and other activities. With respect to our Services and other business activities, in general, the Willis Towers Watson group company with whom you engage is the controller for your personal information, together with Willis Towers Watson plc, the parent company for the Willis Towers Watson group. (Click here to view the Willis Towers Watson group Companies).
3. Cross-border Transfer
The data that we collect from you may be transferred to, accessed, processed or stored in, and subject to requests from law enforcement in, jurisdictions outside of your home jurisdiction, including the United States, the European Union and other jurisdictions, in which we or our service providers operate. Some of these jurisdictions, including the United States, may not provide equivalent levels of data protection as your home jurisdiction. We have established safeguards to protect personal information that is transferred to other countries, including appropriate contractual protections. For more information on the appropriate safeguards in place, please contact us using the details below.
We collect personal information directly from individuals, automatically related to the use of the Services and Websites, and in some cases, from third parties (such as platform providers, payment processors, and operators of certain third-party services that we use). Generally, we collect your personal information on a voluntary basis. However, if you decline to provide certain personal information that is marked mandatory, you may not be able to access certain services or we may be unable to fully respond to your inquiry.
The personal information that we collect and process will vary depending upon the circumstances. For example, the personal information we may collect includes:
We may also collect additional personal information in providing our Services, operating our business, and interacting with individuals in the course of our business, which may at times include “sensitive" information (otherwise known as “special categories of personal information” under the GDPR), such as health records. In these instances, we will provide specific data processing information to you regarding how we may process that data and what rights you may have regarding such processing.
Categories of sources of personal information we collect. We may collect personal information directly from you, as well as automatically related to your use of our Websites and other services, as well as from third parties. For example, we collect personal information:
Categories of personal information we collect. While the personal information we collect varies—as explained above—depending upon the nature of the services provided or used and our interactions with individuals, we may collect the following categories of personal information (subject to applicable legal requirements and restrictions):
While the purposes for which we may process personal information will vary depending upon the circumstances, in general we use personal information for the purposes set forth below.
Aggregate and de-identified information. We may de-identify personal information and create anonymous and aggregated data sets and reports in order to assess, improve and develop our business, products and services, prepare benchmarking reports on our industry and for other research, marketing and analytics purposes. Aggregated or de-identified information does not personally identify you or any other user (for example, we may aggregate Personal Information to calculate the percentage of our users who have a particular telephone area code).
6. Disclosure of Personal Information
We disclose the personal information we collect as set forth in this section.
A. Purposes for Which We Disclose Personal Information
Acclaris may disclose your personal information to any Willis Towers Watson group company for the uses and purposes set out above, including for marketing the products and services offered by other businesses across the Willis Towers Watson group (subject to applicable laws). We may also disclose your personal information for the following reasons:
We request those external service providers to implement and apply security safeguards to ensure the privacy and security of your personal information. These third parties have agreed to confidentiality restrictions and to use of any personal information we share with them or which they collect on our behalf solely for the purpose of providing the contracted service to us.
Aggregate and de-identified information. We may share aggregate or de-identified information, which does not identify and is not linked or linkable to a particular individual, with third parties for research, marketing, analytics and other purposes.
B. Categories of Personal Information Disclosed.
Certain privacy laws (such as the CCPA) require that we disclose the categories of Personal Information that we have disclosed for a business purpose as well as the categories that we have “sold” (as that term is defined under the CCPA or other applicable laws). Please review the descriptions of the categories of personal information under the Personal Information Collected section above, for further descriptions of each category of personal information.
Disclosed for a business purpose. In general, we may disclose the following categories of personal information in support of our business purposes identified above:
Categories of personal information sold. While we do not disclose personal information to third parties in exchange for monetary compensation from such third parties. we do disclose or make available personal information to third parties, in order to receive certain services or benefits from them, such as when we allow third party tags to collect information such as browsing history on our Websites, in order to improve and measure our ad campaigns. The CCPA defines a “sale” as disclosing or making available to a third party Personal Information in exchange for monetary or other valuable consideration. Pursuant to the CCPA, the categories of Personal Information that we may “sell” as defined under the CCPA includes:
C. Categories Third Parties to whom Personal Information is Disclosed.
As set out above we may disclose Personal Information to other Willis Towers Watson Group Companies, our clients, service providers that support our operations, and cookies providers. Examples of service providers may include companies who assist in fulfilling our contracts and providing customer assistance. For instance, a service provider may be utilized to perform mailings. We also may disclose Personal Information to cookies providers that facilitate the operation of our Websites, by supporting the Websites functionality or providing analytics related to the use of the Websites.
7. Cookies and Tracking
Our Websites may use first party and third-party cookies, pixel tags, plugins and other tools to gather device, usage and browsing information when users visit our Websites or use our online services. For instance, when you visit our Websites, our server may record your IP address (and associated location information) and other information such as the type of your internet browser, your Media Access Control (MAC) address, computer type (Windows or Macintosh), screen resolution, operating system name and version, device manufacturer and model, language, and the pages you view and links you click on our Websites, as well as date and time stamps associates with your activities on our Websites.
Pixel tags and other similar technologies. Pixel tags (also known as web beacons and clear GIFs) may be used in connection with some Websites to, among other things, track the actions of users of the Websites (including email recipients), measure the success of our marketing campaigns and compile statistics about usage of the Websites and response rates. We and our service providers also use pixel tags in HTML emails to our customers, to help us track email response rates, identify when our emails are viewed, and track whether our emails are forwarded.
Log files. Most browsers collect certain information, such as your IP address, device type, screen resolution, operating system version and internet browser type and version. This information is gathered automatically and stored in log files.
Do-Not-Track signals. Please note that our Websites do not recognize or respond to any signal which your browser might transmit through the so-called 'Do Not Track' feature your browser might have. If you wish to disable cookies on our Websites, you should not rely on any 'Do Not Track' feature your browser might have. For more information about do-not-track signals, please click here.
8. Interest-based Advertising
You can manage how your preferences regarding third party ad company cookies set by this Website, using our cookie preference manager available in the footer of the linked page.
Please see our Cookie Notice for information about the third parties we may work with to display targeted ads on third-party sites and to measure the success of our marketing and campaigns. You may also obtain more information about targeted or “interest-based advertising” and opt-out of many ad networks at the industry websites below:
We have implemented technical and organizational security measures to protect the personal information we collect. Despite this, the security of the transmission of information via the Internet cannot always be guaranteed and you acknowledge this in your access and use of our Websites. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of your account has been compromised), please immediately notify us in accordance with the "Contact & Comments" section below.
10. Individual Rights and Choices
Marketing. You may opt out from receiving marketing-related communications from us on a going-forward basis by contacting us or by using the unsubscribe mechanism contained in each email. We will try to comply with your request(s) as soon as reasonably practicable. Please note that if you opt out of receiving marketing-related emails from us, we may still send you important administrative messages, from which you cannot opt out.
Access, amendment and deletion. You may request to review, make amendments, have deleted or otherwise exercise your rights under applicable privacy laws over your personal information that we hold, subject to certain limitations under applicable law. You may submit a request to us related to your personal information:
We take steps in accordance with applicable legislation to keep your personal information accurate, complete and up-to-date. If you would like to review, correct, update, suppress, or restrict the processing of your personal information or request a copy of personal information about you, you may contact us by sending us an email at firstname.lastname@example.org or sending your request by postal mail to the address provided in the "Contact & Comments" section below.
In your request, please make clear what personal information you would like to have changed, whether you would like to have your personal information suppressed from our database or otherwise let us know what limitations you would like to put on our use of your personal information. For your protection, we may only implement requests with respect to the personal information associated with the particular email address that you use to send us your request, and we may need to verify your identity before implementing your request. We will try to comply with your request as soon as reasonably practicable.
Please note that we may need to retain certain information for recordkeeping purposes and/or to complete any transactions that you began prior to requesting a change or deletion. There may also be residual information that will remain within our databases and other records, which will not be removed.
To exercise your rights please contact us using the contact information below. Subject to legal and other permissible considerations, we will make reasonable efforts to honour your request promptly or inform you if we require further information in order to fulfill your request.
We may not always be able to fully address your request, for example if it would impact the duty of confidentiality we owe to others, or if we are legally entitled to deal with the request in a different way.
Additional information for certain jurisdictions. Willis Towers Watson is committed to respecting the privacy rights of individuals under all privacy laws applicable to us. Some privacy laws require that we provide specific information about individual rights to applicable consumers, which we have set forth at the end of this Notice:
11. Retention Period
We will retain your personal information for the period necessary to fulfill the purposes outlined in this privacy notice unless a longer retention period is required or permitted by law. We may retain personal information for longer where required by our regulatory obligations or professional indemnity obligations, or where we believe it is necessary to establish, defend or protect our legal rights and interests or those of others. With respect to the data and files we handle as a processor, we retain this personal information in accordance with our clients’ instructions.
12. Children and Minors
The Websites and Services are not directed to individuals under the age of sixteen (16), and we do not knowingly collect personal information from minors under the age of 16. The sole exception to the forgoing is that our services may include collection of dependent information as required by the main account holder’s elections, and it is possible such dependents could be under the age of 16.
13. Changes to our Privacy Notice
From time to time, we may change our Privacy Notice. The effective date set forth at the top indicates the last time this Privacy Notice was revised. Checking this effective date allows you to determine whether there have been changes since the last time you reviewed the notice. We will notify you of changes to this privacy notice by posting the revised privacy notice on our Websites.
If you have any questions or comments regarding this privacy notice, please contact our Privacy Team, at 800 North Glebe Road, Arlington, VA 22203 or at email@example.com.
In this section, we set forth additional information as required under applicable privacy laws in certain jurisdictions.
A. California Residents
In this section, we provide information for California residents as required under California privacy laws, including the California Consumer Privacy Act (“CCPA”), which requires that we provide California residents certain specific information about how handle their personal information, whether collected online or offline. This section does not address or apply to our handling of:
Categories of personal information that we collect and disclose. Our collection, use and disclosure of personal information about a California resident will vary depending upon the circumstances and nature of our interactions or relationship with such resident. The table above sets out generally the categories of personal information (as defined by the CCPA) about California residents that we collect, sell, and disclose to others for a business purpose. We collect these categories of personal information from the sources described in the Personal information we may collect section above, and for the purposes described in the Purposes for which we use personal information section above.
Rights of California residents. California law grants California residents certain rights and imposes restrictions on particular business practices as set forth below.
California residents may make a Request to Know up to twice every 12 months. We will respond to verifiable requests received from California residents as required by law. The instructions for submitting a verifiable Request to Know are described in the “Submitting Requests” section below.
Submitting Requests. Do-Not-Sell (Opt-out) Requests, Requests to Know, and Requests to Delete may be submitted:
We will use the following process to verify Requests to Know and Requests to Delete: We will acknowledge receipt of you Consumer Request, verify it using processes required by law, then process and respond to your request as required by law. To verify such requests, we may ask you to provide the following information: For a request to know categories of personal information which we collect, we will verify your identity to a reasonable degree of certainty by matching at least two data points provided by you against information in our systems which are considered reasonably reliable for the purposes of verifying a consumer’s identity. For a request to know specific pieces of personal information or for requests to delete, we will verify your identity to a high degree of certainty by matching at least three pieces of personal information provided by you to personal information maintained in our systems and also by obtaining a signed declaration under penalty of perjury that the requester is the consumer whose personal information is the subject of the request. An authorized agent can make a request on a California residents’ behalf by providing a power of attorney valid under California law, or providing: (1) proof that the consumer authorized the agent to do so; (2) verification of their own identity with respect to a right to know categories, right to know specific pieces of personal information, or requests to delete which are outlined above; and (3) direct confirmation that the consumer provided the authorized agent permission to submit the request.
We will respond to verifiable requests received from California residents as required by law. For more information about our privacy practices, you may contact us as set forth in the Contact and Comments section above.