Read Aloud the Text Content

This audio was created by Woord's Text to Speech service by content creators from all around the world.

Text Content or SSML code:

Our Commitment to Privacy Our Company is dedicated to protecting the privacy of our customers, financial professionals, and their clients (collectively referred to as "consumers"). Our established practices include a Privacy Notice available to the public to inform consumers about how and why we collect, process, and use their information: https://www.pennmutual.com/privacy-policies(opens in a new tab). Our practices aim to keep consumer information confidential, secure, and protected against theft or fraud. We regularly review our privacy practices to assure our controls are working effectively to: Limit how we collect, use, and share consumer information Assure information accuracy and fair sharing Report to authorities when required Continued What to Do in the Event of a Data Breach Despite having policies and security controls, data breaches can still happen. Our Company has an Event Response Plan to address such situations promptly and efficiently, including notifying affected customers if their information was accessed without their authorization. If you become aware of a breach, you must take action and notify a leader immediately. Everyone is responsible for protecting consumer information. If you suspect unencrypted personal information has been accessed by an unauthorized person, report it to one of the following: Your immediate leader Your business line leader Chief Legal Officer Chief Ethics and Compliance Officer Email: [email protected](opens in a new tab) The average cost of a data breach in the financial sector can exceed $5 million, making it crucial for everyone to know and practice data protection measures. Privacy Regulations in the U.S. The U.S. does not have a national data protection authority, but several groups oversee privacy matters, including: Lawmakers and federal institutions, like the Federal Trade Commission (FTC) State attorney generals State insurance regulators Federal financial regulators Did You Know ? Though "privacy" isn't mentioned in the U.S. Constitution, several amendments (such as the Third, Fourth, and Fifth) offer privacy protections. Continued Key Regulations Below is a look at a few key regulations that our Company mentions in policies: The Gramm-Leach-Bliley Act is key legislation for our Company since it regulates financial institutions and their management of non-public information: Requires clear, accurate privacy notices to consumers Initial and annual privacy notices must be sent to consumers Privacy notes must explain: what information is collected how it's shared how it's protected how consumers can opt out The California Consumer Privacy Act (CCPA), was enacted in 2018—the same year the European Union's General Data Protection Regulation went into effect. The CCPA broadly applies to most businesses, including our Company. It broadly defines personal information and grants consumers various rights. The California Privacy Protection Agency enforces these consumer privacy laws, established in November 2020 when California Privacy Rights Act (CPRA) was adopted. Key points include: Consumer Rights Request records of personal data held, its sources, and how it's used or shared. Request deletion of personal information (with some exceptions). Be informed of these rights. Company Obligations Verify consumer identity before processing requests. Respond to consumer requests within 45 days, free of charge. Provide methods for deletion requests (website and toll-free number). Disclose categories of data collected, purposes, rights, and privacy policy. Train employees on consumer rights. Assure no discrimination against consumers exercising their rights. On May 16, 2024, the SEC adopted amendments to the Regulation S-P, Privacy of Consumer Financial Information and Safeguarding Customer Information: Applies to broker-dealers, investment companies, registered investment advisers, and transfer agents (collectively "covered institutions") Requires an Incident Response Program and Customer Notification Sets minimum federal standards for data breach notifications to affected individuals