Privacy Policy

Trustmark is committed to safeguarding your personal information

Trustmark Mutual Holding Company and each of its subsidiaries (“Trustmark”, “we”, “our” “us”) respects your privacy and is committed to protecting it through our compliance with this policy (“Privacy Policy”).

This Privacy Policy applies to any individual who accesses any of our products, services or websites, or about whom we have collected any personal information (“you”, “your”).

This Privacy Policy describes the types of information we may collect from you or that you may provide to us, as well as our practices for collecting, using, maintaining, protecting and disclosing that information, as well as your rights with respect to your data.

What information might we collect?
As further detailed throughout this Privacy Policy, if you are applying for, enrolling in, or eligible for, a product or service offered by Trustmark, or if you visit any of our websites or mobile applications, we will collect information from and about you, which may include the following: 

  • Your name, signature, postal address, email address, phone number, Social Security number, driver’s license or similar ID number, insurance policy number or other insurance information, employment information, financial account number and/or other financial information, medical information, physical characteristics, biometric information, online user name or similar identifier. As further described below, we might also collect your Internet Protocol Address, internet browsing information related to our websites and geolocation data (“personal information”).  

 
How might we collect your personal information online or through web or mobile applications?
Accounts:
When you log in to your online accounts with Trustmark through one of our websites or through a mobile application, you may be required to share certain personal information with us so that we can identify you. You may be asked to provide an email address and password to create your account. In addition, if Trustmark offers you products or services because of your relationship with your employer, the employer may input personal information about you through our employer website portals or secured sections of our website. The collected personal information will be used to facilitate the delivery of our services to you and, with your consent when required by law, to provide you with relevant communications. 

Surveys or Contests:
Trustmark may provide you the opportunity to participate in surveys or contests when you visit our websites; participation is always voluntary. If you choose to participate, we will request certain personal information from you in order to identify you.  

Log Files and Tracking Technologies:
We may gather personal information such as Internet Protocol (IP) addresses, browser type, internet service provider (ISP), device identifier or clickstream data in order to tailor and improve our services to you, for analytics and to improve site functionality.

Technologies such as cookies, beacons and, tags or similar technologies may be used for analyzing trends, administering our websites, and tracking user movements around our websites. 
Cookies are text files placed on your computer to collect standard internet log information and visitor behavior information.

Trustmark uses cookies in a range of ways to improve your experience on our website(s), including:

  • Keeping you signed in
  • To allow for single sign on
  • Understanding how you use our website
  • Improving your experience when you use our website

Most browsers allow you to control cookies through their settings preferences. However, if you limit the ability of websites to set cookies, you may worsen your overall user experience, since it will no longer be personalized to you. It may also stop you from saving customized settings like login information.

Definitions:
A “cookie” is a bit of information that a website sends to your web browser that helps the website remember information about you and your preferences.

Session” cookies are temporary bits of information that are erased once you exit your web browser window or otherwise turn your computer off. Session cookies are used to improve navigation on websites and to collect aggregate statistical information. This website uses session cookies.

Persistent” cookies are more permanent bits of information that are placed on the hard drive of your computer and stay there unless you delete the cookie. Persistent cookies store information on your computer for a number of purposes, such as retrieving certain information you have previously provided (for example, passwords), helping to determine what areas of the website visitors find most valuable and customizing the website based on your preferences. This website uses persistent cookies.

Google Analytics
If you visit any of our websites, you consent to our use of Google Analytics, which uses cookies to collect non-personally identifiable information. Google Analytics uses cookies to track visitors who use our website. We then use the information to compile reports and to help us improve our website. We do not send such information to any third parties. Google Analytics collects the information anonymously. It reports website trends without identifying individual visitors.

We will use this information as aggregate data to help us maintain our website. However, you can opt out of Google Analytics without affecting how you visit our website. For more information on opting out of being tracked by Google Analytics across all websites you use, visit this Google page: https://tools.google.com/dlpage/gaoptout.

Web and Mobile Applications:
If you download and use a Trustmark mobile application, we automatically collect information on the type of device you use, operating system version and the device identifier.

We use mobile analytics software to better understand the functionality of our mobile application on your device.
When using certain functionality via web applications, your location may be used if your mobile devices uses global positioning system (GPS) technology, trackers or other location tools.

How might we collect your personal information other than online or through web or mobile applications?
Outside of personal information collected online or through a web or mobile application, you, your authorized representative or your employer directly provide us with most of the personal information we collect, usually in one or more of the following ways:

  1. You apply for or enroll in our products or services via a paper form or a telephonic system.
  2. Your employer, its broker, vendor or third-party contractor, may provide us personal information about you in order for you to be eligible to apply for or enroll/participate in our products or services.

We may also receive your personal information from third-party sources that provide personal information to us about your employment, financial or medical history.

How might we use your personal information?
As further detailed throughout this Privacy Policy, to the extent permitted by applicable law, we may use your information to:

  • Provide you with the products and services you have requested. 
  • Provide you with information regarding products and services that you are eligible to receive but are not currently utilizing.
  • Perform data analytics:
    • For the improvement of our existing products and services.
    • For the development of new products and services.
    • To engage in customized outreach to you regarding the products and services you have requested, that you are eligible to receive but are not currently utilizing, or that may be of interest to you.
  • Communicate with you via email or mail regarding the products and services you have requested, that you are eligible to receive but are not currently utilizing, or that may be of interest to you.
  • Understand how you use our website and to provide a better user experience.
  • Identify you and associate you with the information you provide if you make a verifiable request to exercise your privacy rights under state or federal law as further described in this Privacy Policy.
  • Detect, investigate and prevent activities that make us or others uncomfortable, or may violate our policies or may be illegal.  
  • Otherwise manage our relationship with you.
With whom do we share your personal information?
To the extent permitted by applicable law, we may share your personal information:
  • With your employer or other business entity if your product or service is provided to you via that employer or other business entity. We will only share personal information with an authorized representative of your employer for the purposes of benefit administration.
  • With contractors, service providers and other third parties we use to support our business and who are bound by contractual obligations to keep your personal information confidential, and to use it only for the purposes for which we disclose it to them.
  • When you direct us to share your personal information with others.
  • When you elect to participate in a survey, contest or sweepstakes, we may disclose the personal information you provided to participate in the survey, contest or sweepstakes to third parties who sponsor or help us run such events.
  • When we are required to do so by law, or in response to a subpoena or court order.
  • When we believe in our sole discretion that disclosure is reasonably necessary to protect against fraud, to protect property or other rights of us, third parties or the public at large.
  • When we believe that you have abused our products, services or systems in any way to violate the law.
  • To transfer all information (including personal information) to a successor entity in the event of a merger, acquisition, bankruptcy or other sale of all or a portion of our assets. Other than to the extent ordered by a bankruptcy or other court, the use and disclosure of all transferred personal information will be subject to this policy, or to a new privacy policy if you are given notice of that new privacy policy and you affirmatively opt-in to accept it.  Personal information submitted or collected after a transfer, however, may be subject to a new privacy policy adopted by the successor entity. 
  • For any other purpose for which you have provided affirmative written consent.

We do not sell your personal information to third parties, and we do not allow third parties to use the personal information we provide to them to offer you their products or services.

What are your personal information protection rights?
As further described below, your rights with respect to personal information collected by or through us about you vary depending on the product or service, and the federal and state law(s) applicable to your situation.

Children Online Privacy
We do not knowingly collect personal information online or otherwise from any person under the age of 16, and we do not offer, otherwise market or direct our products or services to any person under the age of 16. If you suspect that we have collected personal information from a person under the age of 16, please contact us. We do not sell personal information of any individual regardless of age. 

HIPAA/GLBA:
If the product or service in which you are enrolled or are eligible to enroll is underwritten by Trustmark Insurance Company, Trustmark Life Insurance Company, or Trustmark Life Insurance Company of New York and is subject to the Federal Health Insurance Portability and Accountability Act (HIPAA) or the Gramm Leach Bliley Act (GLBA), please also refer to your Notice of Privacy Practices in addition to this Privacy Policy. 

California:
Effective January 1, 2020, if you are a “consumer” as defined by the California Consumer Privacy Act (“CCPA”), you may exercise certain rights to the extent permitted by the CCPA, including:

  1. Right to Know: At or before the point of collection, you must be informed as to the categories of personal information to be collected and the purposes for which it will be used. This Privacy Policy provides you with this information.
  2. Right to Request: You have the right to request from us a description of:
    • The categories and specific pieces of personal information that we collected about you.
    • The sources from which your personal information is collected.
    • The business or commercial purpose for our collecting your personal information.
    • The categories of third parties with whom we share your personal information.
    • The specific pieces of personal information we collected about you.
      • In order to protect your privacy, we must ensure your request is “verifiable” and will therefore require certain personal information to validate your identity.
      • We are not obligated to provide you the personal information more than twice in a 12-month period, and will cover the 12-month period preceding receipt of your verifiable request.
      • We will provide the information free of charge within 45 days of receipt of a verifiable request, subject to a possible 45-day extension period.
    • To make such a request, please contact us at 866-816-1727.
    • Please note that we are not required to retain any personal information about you that we collected for a single one-time transaction if we do not retain that information in the ordinary course of business. We are also not required to re-identify or otherwise link data that we do not maintain in a manner that would be considered personal information, in the ordinary course of business.
3. Right to Delete: You have the right to request that we:
  • Delete personal information we collected about you.
  • Instruct our service providers to delete information they have about you that was received on our behalf.
  • If you provide us with a verifiable request to delete your personal information, we will, within forty-five (45) days of receipt of your verifiable request, delete your personal information from our records and direct any of our service providers who have such information to delete such information from their records. This 45-day period may be extended an additional 45 days under certain circumstances permitted by the CCPA.
    • As an alternative to deletion, your information may be de-identified rather than deleted at our option.
  • To make such a request, please contact us at 866-816-1727.
Please note that we are not required to comply with your request to delete any personal information about you that we have collected from you, if it is necessary for us to keep such information to:
  • Complete the transaction for which we collected your personal information.
  • Provide a good or service you request or that we reasonably anticipate you will request given our ongoing business relationship with you.
  • Perform our obligations under a contract between us and you.
  • Detect security incidents, protect against malicious, deceptive, fraudulent or illegal activity, or prosecute those responsible for such activity.
  • Debug to identify and repair errors that impair existing intended functionality.
  • Exercise free speech, ensure the right of another consumer to exercise his or her right of free speech, or exercise another right provided by law.
  • Comply with the California Electronic Communications Privacy Act.
  • Engage in public or peer-reviewed scientific, historical or statistical research in the public interest that adheres to all other applicable ethics and privacy laws if (a) our deletion of such information is likely to seriously impair the research or render it impossible to perform the research and (b) you provide informed consent.
  • To enable internal uses that are reasonably aligned with your expectations based on your business relationship with us.
  • Comply with a legal obligation.
  • Use such information, internally, in a lawful manner that is compatible with the context in which you provided the information.
Exceptions under the CCPA: The CCPA details certain situations where the rights above do not apply including, but not limited to:
  • If our relationship with you or your information is governed by the Health Insurance Portability or Accountability Act (HIPAA) or the Gramm Leach Bliley Act (GLBA). HIPAA will typically apply if we have protected health information about you in the context of a health plan. GLBA will typically apply if we have information about you in connection with an insurance product.
  • The CCPA provides additional rights to consumers if their personal information is sold to third parties. We do not sell your personal information to third parties, and we do not allow third parties to use the personal information we provide to them to offer you their products or services.
  • Further, California Civil Code Section § 1798.83 permits users of our website who are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. We do not disclose your information to third parties for their marketing purposes.

How do we protect your information?
We have implemented commercially reasonable physical, technical and administrative security measures designed to safeguard and protect your information from unauthorized access.
We are committed to protecting and securing all personal information that you submit to us in any form, whether through this website or any other electronic or non-electronic format. All of our employees who have access to personal information are trained in our data privacy policies and procedures and aware of our standards to keep your information secure and confidential In addition, our contractors, vendors and agents are required to ensure compliance with our data protection standards, and applicable state and federal privacy laws, rules and regulations.

The security of your information also depends on you. Where we have given you, (or where you have chosen), a password for access to certain parts of our website, you are responsible for keeping this password confidential. Please do not share your password with anyone. If you suspect someone else obtained access to your password, please immediately change it.

Please be aware that despite our efforts, no security measures are impenetrable. We cannot guarantee the security of your personal information transmitted to us. If you choose to communicate with us by email, you should be aware that internet email is not secure. We strongly encourage you to use encrypted email when sending sensitive, personal, private and/or confidential information by email. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on our website(s), systems or services.

Privacy policies of other websites
Our Company website(s) may contain links to other websites. Our Privacy Policy applies only to our website. If you click on a link to another website, that third party’s privacy policy will apply to your use of their website. We recommend that you review all third parties’ terms of use agreements and privacy policies before using their websites, goods or services.

Changes to our Privacy Policy
Because of changes in technology, industry practices, regulatory requirements and the growth and development of our business, or for other business reasons, we may need to modify this privacy policy from time to time. We will post a copy of the new policy with its effective date on our websites. Where required by applicable law, we will mail you a copy of the Privacy Policy or provide you with electronic notification (such as via email if we have your email address) of a material change to the Privacy Policy.

How to contact us
If you have any questions about our Company’s Privacy Policy, please do not hesitate to contact us.
Email us at: PrivacySecurityOffice@trustmarkbenefits.com

Last Updated: September 9, 2019