Privacy Policy - B2C Sales

AFFINITY U.S. & CANADA PRIVACY NOTICE

Last Updated: October 2023

Willis Towers Watson (“WTW”) operates worldwide through subsidiary and affiliate companies. We are committed to privacy and transparency in our information practices. In this privacy notice (“Notice”), we describe our collection, use, disclosure, and processing of personal information that is collected online via our websites where this notice is posted or linked to that are related to the Affinity products and services which we provide in the United States and Canada (collectively “Affinity”).

1. Scope

This privacy notice describes, generally, how Affinity, in its capacity as a “controller” or “responsible party” for the purposes of relevant applicable laws, handles and processes personal information related to:

the use of our websites, associated Services and other websites that link to this privacy notice (collectively, the “Website(s)”)

our former, current, and prospective Affinity clients and their employees or representatives that use our Affinity platform, (“users”), including information related to, or which we may receive from, our points of contact at our commercial entity clients,

individuals who communicate with us through the Affinity Websites,

individuals who use our Affinity products and services (“Services”), either for themselves or on behalf of an organization or entity, and individuals whose personal information we receive in providing the Services.

Our collection, use and disclosure and processing of personal information about individuals will vary depending upon the circumstances. This privacy notice is intended to describe our overall privacy and data protection practices. In some cases, different or additional notices about our data collection and processing practices may be provided and apply to our processing of certain personal information.

Personal information. In this privacy notice, our use of the term “personal information” includes other similar terms under applicable privacy laws—such as “personal data” and “personally identifiable information.” In general, personal information includes any information that identifies, relates to, describes, or is reasonably capable of being associated, linked, or linkable with a particular individual.

Not covered by this notice. This Notice does not apply to job applicants and candidates who apply for employment with us through our job application portal or to our employees and non-employee workers whose personal information is subject to different privacy notices which are provided to such individuals in the context of their employment or working relationship with a Willis Towers Watson group entity. This Notice also does not apply to any non-Affinity WTW products, services, or websites or to third party websites, services, products, or mobile applications maintained by other companies which are linked to or from our Services or Websites. This notice also does not apply to non-public information subject to the Gramm Leach Bliley Act, personal information otherwise subject to an exemption under Section 1798.145(c) – (f) the California Consumer Privacy Act (“CCPA”) or the California Financial Information Privacy Act, or protected health information as defined by the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”).

Other websites. Where links from the Website are provided to third party websites, we are not responsible for those websites. The inclusion of a link to a third-party website does not imply endorsement of the linked site or service by us or our affiliates. We are not responsible for how your Personal Information is handled by such third-party websites. Please review the privacy policy of any third party to understand how your Personal Information is handled by them.

2. Personal Information Collected

We collect personal information directly from individuals and automatically related to the use of the Services and Websites. Generally, we collect your personal information on a voluntary basis. However, if you decline to provide certain personal information that is marked mandatory, you may not be able to access certain services, or we may be unable to fully respond to your inquiry. Where you provide personal information to us, it is important that all such information should be accurate and updated. In some circumstances, we collect information about you in conjunction with our partners or other companies that we work with to provide you our Services, or they provide us with your information consistent with your direction to do so.

The personal information that we collect and process will vary depending upon the circumstances. For example, the personal information we may collect through our Websites includes:

Your name, postal address, email address, phone number, occupation, and other contact information

Information regarding your usage and/or interactions with us and related to your use of our Websites and Services,

Interests you have in relation to our Services or our practice areas,

Information you may voluntarily submit to us by completing any form on our Websites.

information about your usage of our Websites and Services

Categories of personal information we collect. While the personal information we collect varies depending upon the nature of the Services provided or used and our interactions with individuals, we may collect the following categories of personal information (subject to applicable legal requirements and restrictions):

Name, contact information, and other identifiers • such as a real name, alias, telephone number, email address, postal address, unique personal identifier, gender, date of birth, online identifier, Internet Protocol (IP) address, account name, copies of your identification documents, vehicle identification number and other vehicle information.

Customer records • such as paper and electronic customer records containing personal information, such as name, signature, address, insurance policy number, payment transaction information such as credit card or bank details, information required by our partner insurance providers to provide a quote (such as your employment details, salary, family details, assets, motor vehicle history or medical history), transactional information, such as details of your insurance policy (including information about any claims you make on your insurance policy), any interest you have in relation to our services or our practice areas, and any information you may voluntarily submit to us by completing any form on our Website including account log in information such as username and password.

Usage data such as internet or other electronic network activity information including, but not limited to, browsing history, search history, and information regarding a consumer’s interaction with an Internet website, application, or advertisement.

Categories of sources of personal information. We may collect personal information directly from you, as well as automatically related to your use of Websites and other Services as well as from third parties. We work closely with a variety of Insurers to deliver the Affinity service. Insurance involves the use and disclosure of Personal Information by various insurance market practice participants such as intermediaries, insurers, and reinsurers from whom we may receive your personal information. For example, we collect personal information:

From you, either directly (i.e., through information you submit to us, including via surveys or forms that you may complete and submit through our Websites) when you submit details to register a quote, purchase a policy, or register a claim, or indirectly (i.e., by observing your actions on our Websites),

From 'cookies' and other similar tools deployed on parts of our Websites (for further information regarding cookies used on our Websites, please see section below concerning Cookies and Tracking),

From our clients in connection with us providing professional services to them, and/or the companies with whom they work,

From data analytics providers,

From government entities,

From service providers (i.e., companies who are assisting us in fulfilling our contracts and carrying out our business, such as to perform mailings or to provide customer service) and other third parties,

From other sources, such as public databases, joint marketing partners, social media platforms (including from people with whom you are friends or otherwise connected) and from other third parties.

3. Purposes Processing Personal Information

Purposes for using personal information. While the purposes for which we may process personal information will vary depending upon the circumstances, in general we use personal information for our legitimate business interests or for the execution and management of your insurance contract, as well as the following purposes set forth below.

Providing support and services: including to provide our Services, operate our Websites, applications and online services; to manage, run and administer your account(s) with the Website; to communicate with you about your access to and use of our Services; to respond to your inquiries; to provide troubleshooting, fulfill your orders and requests, process your payments and provide technical support; to correspond with you, notify you of events or changes to our service, or otherwise to fulfil your requests and respond to your queries, and requests for information and for other customer service and support purposes such as ensuring you are eligible for the products you apply for through the Website.

Analyzing and improving our business: including to conduct analysis that allows us to assess risk, price our products, develop new products, to better understand how users access and use our Services and Websites, to evaluate and improve our Websites, Services and business operations, and to develop new features, offerings and services; to conduct surveys and other evaluations (such as customer satisfaction surveys); and for other research and analytical purposes.

Personalizing content and experiences: including to facilitate your participation in interactive features you may choose to use on our Websites; to tailor content we send or display on our websites and other Services; to offer location customization and personalized help and instructions; and to otherwise personalize your experiences.

Advertising, marketing, and promotional purposes: including (subject to compliance with applicable laws) to reach you with more relevant ads and to evaluate, measure and improve the effectiveness of our ad campaigns; to send you newsletters, offers or other information we think may interest you; to contact you about our Services or information we think may interest you; and to administer promotions and contests.

Securing and protecting our business: including to protect and secure our business operations, assets, Services, network and information and technology resources; to investigate, prevent, detect, and take action regarding fraud, unauthorized access, situations involving potential threats to the rights or safety of any person or third party, or other unauthorized activities or misconduct.

Defending our legal rights: including to manage and respond to actual and potential legal disputes and claims, and to otherwise establish, defend or protect our rights or interests, including in the context of anticipated or actual litigation with third parties.

Auditing, reporting, corporate governance, and internal operations: including relating to financial, tax and accounting audits; audits and assessments of our operations, privacy, security and financial controls, risk, and compliance with legal obligations; our general business, accounting, record keeping and legal functions; and related to any actual or contemplated merger, acquisition, asset sale or transfer, financing, bankruptcy or restructuring of all or part of our business.

Complying with legal obligations: including to comply with the law, our legal obligations and legal process, such warrants, subpoenas, court orders, and regulatory or law enforcement requests.

Aggregate and de-identified information. We may de-identify personal information and create anonymous and aggregated data sets and reports to assess, improve, and develop our business, products, and services, prepare benchmarking reports on our industry, and for other research, marketing and analytics purposes. When we de-identify personal information, we have implemented reasonable measures as required by law to ensure that the de-identified data cannot be associated with any individual or client. We will only maintain and use such data in a de-identified manner and do not attempt to re-identify the data, except as permitted by law.

4. Disclosure of Personal Information

We disclose the personal information we collect as set forth in this section.

A. Purposes for Which We Disclose Personal Information

Willis Towers Watson may disclose your personal information to any Willis Towers Watson group company for the uses and purposes set out above, including for marketing the products and services offered by other businesses across the Willis Towers Watson group (subject to applicable laws). We may also disclose your personal information for the following reasons:

To our affiliates who support our business operations (who may be located in other jurisdictions);

To companies involved in the provision of professional services and the sale of insurance products through the Website, including insurance providers and companies that provide reinsurance, loss adjusting, broking and claims handling services,

To third party service providers such as entities providing customer service, email delivery, auditing, cloud computing, hosting our Websites and other services,

To third parties involved with events that you register for, to facilitate your participation in those events, support feedback collection and evaluation and for some events, to third parties who provide a central record keeping system for continuing professional development event attendance,

To third parties with whom you have an affinity relationship and who collaborate with Willis Towers Watson in the distribution of products and/or services,

If we are obliged to disclose your personal information under applicable law or regulation, which may include laws outside your country of residence, for example to courts, law enforcement agencies, regulatory agencies, other public and government authorities and others.

In order to enforce or apply our Websites’ terms of use, or to protect the rights, privacy, safety or property of Willis Towers Watson, our clients, affiliates or other parties,

Subject to applicable laws, to respond to requests from courts, law enforcement agencies, regulatory agencies, and other public and government authorities, which may include such authorities outside your country of residence,

In connection with the planning, due diligence, and implementation of commercial transactions, including a reorganization, merger, sale of all or a portion of our assets, a joint venture, assignment, transfer or other disposition of all or any portion of our business, assets, or stock (including in connection with any bankruptcy or similar proceedings)—in such cases, your personal information will be transferred to the acquiring entity,

In accordance with the separate terms and conditions of use that may apply to you or with your explicit consent.

We request those external service providers to implement and apply security safeguards to ensure the privacy and security of your personal information. These third parties have agreed to confidentiality restrictions and to use of any personal information we share with them or which they collect on our behalf solely for the purpose of providing the contracted service to us.

B. Categories of Personal Information Disclosed

Certain privacy laws such as the CCPA require that we disclose the categories of Personal Information that we have disclosed for a business purpose as well as the categories that we have “sold” or “shared” (as those terms are defined under the CCPA or other applicable laws). Please review the descriptions of the categories of personal information under the Personal Information Collected section above, for further descriptions of each category of personal information.

Categories of personal information disclosed for a business purpose. In general, we may disclose the following categories of personal information in support of our business purposes identified above:

Name, contact information and other identifiers,

Customer records

We have disclosed the categories of personal information listed above to the following categories of third parties in the preceding twelve months: our clients, other service providers, other insurance companies, and government entities.

We do not “sell” personal information or “share” personal information with third parties for cross-context behavioral advertising.

5. Cookies and Tracking

Our Websites may use first party and third-party cookies, pixel tags, plugins and other tools to gather device, usage and browsing information when users visit our Websites or use our online services. For instance, when you visit our Websites, our server may record your IP address (and associated location information) and other information such as the type of your internet browser, your Media Access Control (MAC) address, computer type (Windows or Macintosh), screen resolution, operating system name and version, device manufacturer and model, language, and the pages you view and links you click on our Websites, as well as date and time stamps associated with your activities on our Websites.

We use the information for security purposes, to facilitate navigation, to personalize and improve your experience while using the Websites, to improve and measure our advertising campaigns and to better reach users with relevant advertising both on our Websites and on third party websites. We also gather statistical information about use of the Websites to continually improve their design and functionality, understand how they are used and assist us with resolving questions regarding them. Our Cookie Notice contains further information about our use of cookies and should be read in conjunction with this Notice. You can manage how your preferences regarding cookies are set by this Website, using our cookie preference manager.

Cookies. Cookies are small text files that a website transfers to your computer or other device to store and sometimes collect information about your usage of websites, such as time spent on the websites, pages visited, language preferences, and other anonymous traffic data. You can control the way in which cookies are used by altering your browser settings. You may refuse to accept cookies by activating the setting on your browser that allows you to reject cookies. However, if you select such a setting, this may affect the functioning of our Websites. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you access or log on to our Websites. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.aboutcookies.org or www.allaboutcookies.org. For more information about the use of cookies on our Websites and your choices regarding the placement of cookies, please see our Cookie Notice.

Pixel tags and other similar technologies. Pixel tags (also known as web beacons and clear GIFs) may be used in connection with some Websites to, among other things, track the actions of users of the Websites (including email recipients), measure the success of our marketing campaigns and compile statistics about usage of the Websites and response rates. We and our service providers also use pixel tags in HTML emails to our customers, to help us track email response rates, identify when our emails are viewed, and track whether our emails are forwarded.

Log files. Most browsers collect certain information, such as your IP address, device type, screen resolution, operating system version and internet browser type and version. This information is gathered automatically and stored in log files.

Third Party Analytics Tools. Our Websites may use automated devices and applications operated by third parties (e.g., Google Analytics), which use cookies and similar technologies to collect and analyze information about use of the Websites and report on activities and trends. Please see our Cookie Notice for more information.

Opt-Out Preference Signals and “Do-Not-Track” Signals. If your browser enables the Global Privacy Control (GPC) when visiting our Website, our Website will automatically opt you out of any tracking cookies that constitute a “sale” where required by applicable privacy law. For more information about the GPC and to learn how to implement it on your browser, please click here. Please note, our Website does not recognize or respond to any signal which your browser might transmit through its so-called “Do Not Track” (DNT) feature. If you wish to disable cookies on our Websites, you should not rely on DNT browser settings. For more information about DNT signals, please click here.

6. Interest-based Advertising

On some of our websites, we may work with third-party ad networks, analytics companies, measurement services and others (“third-party ad companies”) to display advertising on our Websites and to manage our advertising on third-party sites, mobile apps and online services. We and these third-party ad companies may use cookies, pixels tags and other tools to collect information on our Websites (and on third-party sites and services), such as browsing history, IP address, device ID, cookie and advertising IDs, and other identifiers, general location information and, with your consent, your device’s geolocation information; we and these third-party ad companies use this information to provide you more relevant ads and content and to evaluate the success of such ads and content.

You can manage how your preferences regarding third party ad company cookies are set by this Website, using our cookie preference manager.

Please see our Cookie Notice for information about the third parties we may work with to display targeted ads on third-party sites and to measure the success of our marketing and campaigns. If you have reached this Privacy Notice from a Website other than the Homepage, please go back and review the Cookie Notice on that Website to understand how cookies are used there. You may also obtain more information about targeted or “interest-based advertising” and opt-out of many ad networks at the industry websites below:

Canada: www.youradchoices.ca

EU: www.youronlinechoices.eu

U.S.: www.aboutads.info

7. Individual Rights and Choices

Individual Rights. Most privacy laws provide some form of rights for data subjects such as the right to review, know, correct, update, or restrict the processing of your personal information.

Residents of California may submit a consumer rights request by contacting us at 1-800-889-9288 (toll free) or submitting a request through this link. Please also see the section Additional Information for Residents in Certain Jurisdictions for more information.

If you are not a California resident, please contact us toll-free at 1-800-889-9288, email us at dataaccessrequest@willistowerswatson.com, or send us your request by postal mail to the address provided in the Contact and Comments section below.

In your request, please make clear what Personal Information you would like to have changed, whether you would like to have your Personal Information removed from our database or otherwise let us know what limitations you would like to put on our use of your Personal Information. For your protection, we may need to verify your identity before implementing your request.

Marketing. You may opt-out from receiving marketing-related communications from us on a going-forward basis by contacting us or by using the unsubscribe mechanism contained in each email. We will try to comply with your request(s) as soon as reasonably practicable. Please note that if you opt-out of receiving marketing-related emails from us, we may still send you important administrative messages, from which you cannot opt-out.

8. Security

Willis Towers Watson has implemented technical and organizational security measures to protect the personal information we collect. Despite this, the security of the transmission of information via the internet cannot always be guaranteed and you acknowledge this in your access and use of our Websites and Services. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of your account has been compromised), please immediately notify us in accordance with the Contact and Comments section below.

9. Retention Period

WTW stores personal information as needed to accomplish the purposes identified in this Notice and to meet legal requirements, including legal and compliance requirements regarding records retention, resolving disputes, and enforcing our agreements. This means that WTW may be required to maintain your information, for example, to: (1) comply with our legal or regulatory compliance needs (e.g., maintaining records of transactions you have made with us); (2) to exercise, establish or defend legal claims; and/or (3) to protect against fraudulent or abusive activity on our services and systems. For these and possibly other reasons, we may be unable to delete personal information upon request of an individual in certain cases. We will delete your Personal Information when it is no longer required for these purposes. If there is any information that we are unable, for technical reasons, to delete entirely from our systems, we will put in place appropriate measures to prevent any further processing or use of the data.

We may retain different categories of information for different periods of time for the instances stated above. However, it is our policy as an organization that when personal information is no longer needed or after legal authority to retain it has expired, personal information will be destroyed in accordance with applicable law and pursuant to procedures established in relation to the relevant WTW services, systems, or processes. Retention periods for records maintained by WTW, including those containing personal data are established based upon business need, statutory and regulatory record keeping requirements in the geographies where we do business, and legal obligations. If you have any further questions about our handling of personal information, please contact us at privacy@willistowerswatson.com.

10. Cross-border Transfer

Willis Towers Watson is a global company and the data that we collect from you may be transferred to, accessed, processed or stored in, and subject to requests from law enforcement in, jurisdictions outside of your home jurisdiction, including the United States, India, Quebec, Bermuda, the European Union and other jurisdictions, in which we or our service providers operate. Some of these jurisdictions, may not provide equivalent levels of data protection as your home jurisdiction. We have established safeguards to protect personal information that is transferred to other countries, including appropriate contractual protections. For more information on the appropriate safeguards in place, please contact us using the details below.

11. Children and Minors

The Websites and Services are not directed to individuals under the age of sixteen (16), and we do not knowingly collect personal information from minors under the age of 16.

12. Changes to our Privacy Notice

From time to time, we may change our Privacy Notice. The effective date set forth at the top indicates the last time this Privacy Notice was revised. Checking this effective date allows you to determine whether there have been changes since the last time you reviewed the notice. We will notify you of changes to this privacy notice by posting the revised Privacy Notice on our Websites.

13. Contact and Comments

If you have any questions or comments regarding this Notice, please contact our Global Privacy Office at One World Financial Center, 200 Liberty Street, Floor 6, New York, NY 10281 or at privacy@willistowerswatson.com.

In Canada, you may contact us by mail using the following information: WTW Privacy Officer, 130 King Street W, Exchange Tower, Suite 1500, P.O. Box 424, Toronto, ON M5X 1E3, or by email at privacy@willistowerswatson.com or by telephone at +1.416.960.2700.

14. Additional Information for Residents in Certain Jurisdictions

In this section, we set forth additional information as required under applicable privacy laws in certain jurisdictions.

A. California Residents

In this section, we provide information for California residents as required under California privacy laws, including the CCPA, which requires that we provide California residents certain specific information about how handle their personal information, whether collected online or offline. This section does not address or apply to our handling of:

Publicly available information made lawfully available by state or federal governments

Personal information that is subject to an exemption under Section 1798.145(c) – (f) of the CCPA (such as protected health information that is subject to HIPAA or the California Medical Information Act, and non-public information subject to the Gramm-Leach Bliley Act or the California Financial Information Privacy Act)

Personal information we collect about job applicants, independent contractors, or current or former full-time, part-time and temporary employees and staff, officers, directors or owners of Willis Towers Watson

Categories of personal information that we collect and disclose. Our collection, use and disclosure of personal information about a California resident will vary depending upon the circumstances and nature of our interactions or relationship with such resident. The sections above set out generally the categories of personal information (as defined by the CCPA) about California residents that we collect, sell, and disclose to others for a business purpose. We collect these categories of personal information from the sources described in the Personal information we may collect section above, and for the purposes described in the Purposes for which we use personal information section above.

Rights of California residents. California law grants California residents certain rights and imposes restrictions on particular business practices as set forth below.

Do-Not-Sell: California residents have the right to opt-out of our sale of their personal information. We do not sell personal information.
Initial Notice: We are required to notify California residents, at or before the point of collection of their personal information, the categories of personal information collected and the purposes for which such information is used.
Request to Delete: California residents have the right to request deletion of their personal information that we have collected about them and to have such personal information deleted, except where an exemption applies. We will respond to verifiable requests received from California residents as required by law. The instructions for submitting a verifiable Request to Delete are described in the “Submitting Requests” section below.
Request to Correct: California residents can request the rectification of inaccurate personal information. We will inform relevant third parties to whom we have transferred your data about the rectification and completion if we are legally obliged to do so. The instructions for submitting a verifiable Request to Correct are described in the “Submitting Requests” section below.
Limit the Use of Sensitive Personal Information: California residents have the right in certain instances to request that we limit the use and sharing of their sensitive personal information. The CCPA defines “sensitive personal information” to include, among other things, your: social security, driver’s license, state identification card, or passport numbers; account log-in, financial account, debit card, or credit card numbers in combination with any required security or access code, password, or credentials allowing access to an account; racial or ethnic origin, religious or philosophical beliefs, or union membership; genetic data; and biometric information (including physiological, biological, or behavioral characteristics).
Request to Know: California residents have the right to request and, subject to certain exemptions, receive a copy of the specific pieces of personal information that we have collected, used, disclosed and sold about them and to have this delivered, free of charge, either (a) by mail or (b) electronically in a portable and, to the extent technically feasible, readily useable format that allows the individual to transmit this information to another entity without hindrance. California residents also have the right to request that we provide them certain information about how we have handled their personal information, including the:

categories of personal information collected;
categories of personal information collected;
categories of sources of personal information;
business and/or commercial purposes for collecting and selling their personal information;
categories of third parties with whom we have shared their personal information;
categories of personal information that we have sold, and for each category identified, the categories of third parties to which we sold that particular category of information; and
categories of personal information disclosed for a business, and for each category identified, the categories of third parties to which we disclosed that particular category of personal information.

California residents may make a Request to Know up to twice every 12 months. We will respond to verifiable requests received from California residents as required by law. The instructions for submitting a verifiable Request to Know are described in the “Submitting Requests” section below.

Right to Non-Discrimination: The CCPA prohibits discrimination against California residents for exercising their rights under the CCPA. Discrimination may exist where a business denies or provides a different level or quality of goods or services, or charges (or suggests that it will charge) different prices, rates, or penalties on residents who exercise their CCPA rights, unless doing so is reasonably related to the value provided to the business by the residents’ data.
Financial incentives: A business may offer financial incentives for the collection, sale or deletion of California residents’ personal information, where the incentive is not unjust, unreasonable, coercive or usurious, and is made available in compliance with applicable transparency, informed consent, and opt-out requirements. California residents have the right to be notified of any financial incentives offers and their material terms, the right to opt-out of such incentives at any time, and may not be included in such incentives without their prior informed opt-in consent. We do not offer any such incentives at this time.

Submitting Requests. Requests to Know, Requests to Delete, Requests to Limit, and Requests to Correct may be submitted:

By contacting us at 1-800-889-9288 (toll free).
By submitting a Consumer Request through this link.

We will use the following process to verify Requests to Know and Requests to Delete: We will acknowledge receipt of your Consumer Request, verify it using processes required by law, then process and respond to your request as required by law. To verify such requests, we may ask you to provide the following information:

For a request to know categories of personal information which we collect, we will verify your identity to a reasonable degree of certainty by matching at least two data points provided by you against information in our systems which are considered reasonably reliable for the purposes of verifying a consumer’s identity.
For a request to know specific pieces of personal information or for requests to delete, we will verify your identity to a high degree of certainty by matching at least three pieces of personal information provided by you to personal information maintained in our systems and also by obtaining a signed declaration under penalty of perjury that the requestor is the consumer whose personal information is the subject of the request.

An authorized agent can make a request on a California residents’ behalf by providing a power of attorney valid under California law, or providing: (1) proof that the consumer authorized the agent to do so; (2) verification of their own identity with respect to a right to know categories, right to know specific pieces of personal information, or requests to delete which are outlined above; and (3) direct confirmation that the consumer provided the authorized agent permission to submit the request.

We will respond to verifiable requests received from California residents as required by law. For more information about our privacy practices, you may contact us as set forth in the Contact and Comments section above.

Consumer Requests Received in 2022. In calendar year 2022, we received and responded to consumer requests under the CCPA as set forth in the table below:

Request Type	Number of Requests Received	Number of Requests With Which We Complied (in whole or in part)	Number of Requests Denied*	Average Response Time (Number of Days)
Requests to Know	2	0	2	45
Requests to Delete	5	0	5	45
Requests to Opt-Out of the Sale of Personal Information	1,622	1,618**	0	0

* This includes requests that were denied because we were unable to verify the identity of the requestor.
** We receive opt-out requests through multiple channels including a cookie preference manager and by email. The difference between the number of requests received and the number of requests we responded to is due to the channel by which we received the request to opt-out. We received 4 requests to opt-out through email. We followed up with the requestors for more information, but the requestor never clarified to which WTW group or information their request applied to.

Willis Canada Inc

Exchange Tower, PO Box 424,
130 King Street West, Suite 1500,
Toronto ON M5X 1E3,
Canada

Questions?, Call us

Client Service Representative

TF:	+1 (800) 268-8532
T:	+1 (416) 869-1320
E:	toronto.commercial@willis.com