The RiverStone companies, its subsidiaries and affiliates (“we” or “us”) are committed to protecting the privacy of the individuals we encounter in conducting our business. “Personal Information” is information that identifies and relates to you or other individuals (such as your dependents). Our aim is responsible handling of Personal Information, balancing the benefits of activities like research and data analytics with our other commitments, including transparency and non-discrimination.
Last Updated: December 2022
By using the RiverStone website, you signify your acceptance of this Privacy Policy.
Please note: This Privacy Policy is supplemented by Privacy Notices tailored to our specific relationships with you, including Privacy Notices that are sent to individuals as required under applicable laws and regulations. RiverStone reserves the right, in its sole discretion, without any obligation and without any notice requirement, to change, improve or correct the information, materials and descriptions on this website and to suspend and/or deny access to this website for scheduled or unscheduled maintenance, upgrades, improvements or corrections. The information and materials on this website may contain typographical errors or inaccuracies. Any dated information is published as of its date only, and RiverStone does not undertake any obligation or responsibility to update or amend any such information except where required by law. RiverStone may discontinue, change or update this website at any time without notice.
Other websites and services of RiverStone, both within and outside of the United States of America and the United Kingdom, contain privacy policies different from this Privacy Policy, and you are advised to review both policies, where applicable. This Privacy Policy is provided in accordance with and subject to applicable United States law. If you decide to continue to access our online services from your location outside the United States, you hereby agree that your use of those services is subject to this Privacy Policy and your Personal Information may be transferred or processed in the United States.
We do not engage in the collection of Personal Information about your online activities over time and across third-party websites or online services and do not allow third parties to collect Personal Information about your online activities over time and across third-party websites when you use our online services. We do not respond to web browser “do not track signals.”
Notice of Privacy Rights for California Residents
- Explanation of Rights. As a California resident, you have the following privacy rights regarding your personal information:
- The right to know and right to access the personal information we have collected about you, including the categories of personal information, the categories of sources from which the personal information is collected, the business or commercial purpose for collecting, selling, or sharing personal information, the categories of third parties to whom the business discloses personal information, and the specific pieces of personal information the business has collected about the consumer;
- The right to delete personal information that we have collected from you, subject to certain exceptions;
- The right to correct inaccurate personal information that we maintain about you;
- The right of portability, or right to have us transfer your personal information to other persons or entities upon your request; and
- The right to limit the use of your sensitive information if we decide in the future to use such information for purposes other than the purposes listed above.
- Discrimination. A business cannot unfairly discriminate against you for exercising your Personal Information privacy rights under the California Consumer Privacy Act (CCPA).
- Authorized Agents. You may also use an authorized agent (“Agent”) to submit a Request to Know or a Request to Delete or a Request to Correct Information (collectively, a “Request”) on your behalf. If we are contacted by an Agent, we will require the Agent to provide a written document evidencing their authority to act on your behalf, and if insufficient in our sole reasonable judgement, we may also contact you directly to confirm your identity, the validity of the agency and Request.
- How to Make a Request. You can exercise your privacy rights by submitting a request to us.
If you would like to make a Request to Know, click here, or call 888-959-7317.
If you would like to make a Request to Delete, click here, or call 888-959-7317. - Responding to Requests; Verification Procedures. Upon receiving a Request, RiverStone will take steps to confirm the identity of the requestor by comparing the information provided in the Request with information we already have in our records.
- Deletion; Correction; Specific Pieces. For a Request to Delete, a Request to Correct,or a request to know specific pieces of information, RiverStone will verify the requestor’s identity by (i) confirming at least three (3) data points from the request with information in our records; and (ii) obtaining a statement of verification from the requestor that is signed under the pains and penalties of perjury.
- Other Requests. For all other requests, RiverStone will verify the requestor’s identity by confirming at least two (2) data points, unless in RiverStone’s sole reasonable judgement, the nature of the request or sensitivity of the information to be provided require more thorough verification. In such cases, RiverStone will follow the verification procedures set forth in subsection (i), above.
If additional information is required to verify your identity, you will be contacted by a RiverStone representative within thirty (30) days of our receipt of your Request.
In the event RiverStone is unable to satisfactorily verify the identity of the requestor, RiverStone may deny the Request in order to protect your information from fraudulent or unauthorized access. In such cases, RiverStone will notify the requestor of its reasons for denying the Request.
In certain circumstances, due to a conflict with other legal obligations or an exception to the CCPA, RiverStone will not be required to comply with a Request and, in such cases, will notify the requestor of the conflict or exception. The majority, if not all, of the Personal Information that RiverStone collects is subject to a CCPA and/or a CPRA exemption, but RiverStone will evaluate any request as outlined above.
- Sale of Personal Information. Please be advised, RiverStone does not sell Personal Information for monetary or other valuable consideration.
If you have additional questions on your rights under the CCPA, please contact us by email at PrivacyComplianceLine@trg.com.
Who to Contact About Questions Concerning Your Privacy & Personal Information
If you have any questions about our use of your Personal Information, please contact us by email at PrivacyComplianceLine@trg.com or write to:
Vice President and General Counsel, Corporate Legal
RiverStone Resources LLC
250 Commercial Street, Suite 5000
Manchester, New Hampshire
03101
United States of America
Personal Information
RiverStone may collect and disclose your Personal Information in the course of reviewing, investigating, and settling a potential claim.
-
Categories of Personal Information We Collect and How Do We Use, Retain, and Share This Information Collection. Depending on your relationship with us (for example, as a consumer policyholder; insured person benefiting under another policyholder’s policy, or claimant; witness; commercial broker or appointed representative; or other person relating to our business), Personal Information collected about you and your dependents, in the past twelve (12) months,may include, but is not limited to:
- General Identification and Contact Information
Your name; address; e-mail and telephone details; gender; marital status; family status; date of birth; passwords on our systems; educational background; physical attributes; activity records, such as driving records; photos; employment history, skills and experience; professional licenses and affiliations; relationship to the policyholder, insured or claimant; and date and cause of death, injury or disability. - Identification Numbers Issued by Government Bodies or Agencies
Social Security or national identification number; passport number; tax identification number; military identification number; or driver’s or other license number. - Other Sensitive Information
In certain cases, we may receive sensitive information about you including, but not limited to, medical and treatment information, health insurance information, biometric information, and payee financial account information. In addition, we may obtain information about your criminal record or civil litigation history in the process of preventing, detecting and investigating fraud or otherwise. We may also obtain sensitive information if you voluntarily provide it to us (for example, if you express preferences regarding medical treatment based on your religious beliefs). - Telephone Recordings
Recordings of telephone calls to our representatives. - Information Enabling Us to Provide Services
Location and identification of property insured (for example, property address, vehicle license plate or identification number); travel plans; age categories of individuals you wish to insure; policy and claim numbers; coverage/peril details; cause of loss; prior accident or loss history; your status as director or partner, or other ownership or management interest in an organization; and other insurance you hold.
- General Identification and Contact Information
- Disclosure for a Business Purpose. In the course of providing claims handling and administration services, RiverStone may disclose Personal Information to:
- Our Service Providers.
RiverStone may share information, including Personal Information, with our service providers subject to this Privacy Policy and applicable law. Such providers may include external third-party service providers, such as medical professionals, accountants, actuaries, auditors, experts, lawyers and other outside professional advisors; travel and medical assistance providers; call center service providers; IT systems, support and hosting service providers; printing and market research and analysis service providers; banks and financial institutions that service our accounts; third-party claim administrators; document and records management providers; claim investigators and adjusters; construction consultants; engineers; examiners; jury consultants; translators; and similar third-party vendors and outsourced service providers that assist us in carrying out business activities. - Other Insurance and Distribution Parties.
In the course of providing insurance and processing claims services, RiverStone may make Personal Information available to third parties such as other insurers; reinsurers; insurance and reinsurance brokers and other intermediaries and agents; appointed representatives; distributors; and financial institutions, securities firms and other business partners. The foregoing is subject to this Privacy Policy and applicable law. - Governmental Authorities and Third Parties Involved in Court Action.
RiverStone may also share Personal Information with governmental or other public authorities (including, but not limited to, workers’ compensation boards, courts, law enforcement, tax authorities, Medicare reporting agencies and criminal investigations agencies); and third-party civil legal process participants and their accountants, auditors, lawyers and other advisors and representatives as we believe to be necessary or appropriate: (a) to comply with applicable law, including laws outside your country of residence; (b) to comply with legal process; (c) to respond to requests from public and government authorities including public and government authorities outside your country of residence; (d) to enforce our terms and conditions; (e) to protect our operations or those of any of our group companies; (f) to protect our rights, privacy, safety or property, and/or that of our group companies, you or others; and (g) to allow us to pursue available remedies or limit our damages. The foregoing is subject to applicable law and this Privacy Policy. - Other Third Parties.
We may share Personal Information with payees; emergency providers (fire, police and medical emergency services); third-party claims administrators, claims adjusters, attorneys or investigators; medical networks, organizations and providers; travel carriers; credit bureaus; credit reporting agencies; and other people involved in an incident that is the subject of a claim; as well as purchasers and prospective purchasers or other parties in any actual or proposed reorganization, merger, sale, joint venture, assignment, transfer or other transaction relating to all or any portion of our business, assets or stock. The foregoing is subject to applicable law and this Privacy Policy. Personal Information may also be shared by you, on message boards, chat, profile pages and blogs, and other services to which you are able to post information and materials. Please note that any information you post or disclose through these services will become public information, and may be available to visitors who access the website and to the general public. We urge you to be very careful when deciding to disclose your Personal Information, or any other information, on the website.
- Our Service Providers.
- Sources. In the course of carrying out its business operations, RiverStone may collect Personal Information from: the consumer; the claimant; the policyholder; external advisors and consultants, including, but not limited to, lawyers, investigators, experts, and medical providers; brokers and agents; witnesses; and appointed representatives. To improve the quality of our services, and to carry out research and analysis, we and our service providers may supplement the Personal Information we collect with information from other sources, such as publicly available information from social media services, commercially available sources and information from our affiliates or business partners.
- Sale. RiverStone is not engaged in the business of selling Personal Information.
How We Use Personal Information
Subject to this Privacy Policy as further described herein, we may use this Personal Information for certain purposes, including, but not limited to:
- Communicate with you and others as part of our business.
- Send you important information.
- Make decisions about whether to provide insurance and assistance services, and other products and services which we may offer, and provide such products and services, including claim assessment, processing and settlement; and, where applicable, manage claim disputes.
- Assess your eligibility for payment plans, and process your premium and other payments.
- Provide improved quality, training and security (for example, with respect to recorded or monitored phone calls to our contact numbers).
- Prevent, detect and investigate crime, including fraud and money laundering, and analyze and manage other commercial risks.
- Carry out research and analysis, including analysis of our sellers’ information, customer base and other individuals whose Personal Information we collect as explained in this Privacy Policy.
- Manage our infrastructure and business operations, and comply with internal policies and procedures, including those relating to auditing; finance and accounting; billing and collections; IT systems; data and website hosting; data analytics; business continuity; and records, document and print management.
- Resolve complaints and handle requests for data access or correction.
- Comply with applicable laws and regulatory obligations (including laws outside your country of residence), such as those relating to anti-money laundering, sanctions and antiterrorism where applicable; comply with legal process; and respond to requests from public and governmental authorities (including those outside your country of residence).
- Establish and defend legal rights; protect our operations or those of any of our group companies or business partners, our rights, privacy, safety or property, and/or that of our group companies, you or others; and pursue available remedies or limit our damages.
There may be other ways in which Personal Information is collected or transferred or stored, as such this policy is subject to change, improvements and updates without notice.
How Long Do We Hold Personal Information.
We will retain your personal data for no longer than is necessary to fulfill a business purpose or for the purposes stated in this Privacy Policy, unless otherwise extending the retention period is required or permitted by law or subject to our retention policies as may be in place from time to time. The data storage period may vary with scenario, product, and service. The standards RiverStone uses to determine the retention period are as follows: the time required to retain personal data to fulfill business purposes, including providing insurance products and services; maintaining corresponding transaction and business records; handling possible user queries or complaints and locating problems; whether the user agrees to a longer retention period; and whether the laws, contracts, and other equivalencies have special requirements for data retention; etc.
Limit the Use of My Sensitive Personal Information
A California consumer shall have the right, at any time, to direct a business that collects sensitive personal information about the consumer to limit its use of the consumer’s sensitive personal information to that use which is necessary to perform the services or provide the goods reasonably expected by an average consumer who requests those goods or services.
If you are a resident of California and would like to limit the use of your Sensitive Personal Information as defined under the California Consumer Privacy Act (CCPA) please email us at PrivacyComplianceLine@trg.com or call 888-959-7317
International Transfer of Personal Information
Due to the global nature of our business, for the purposes set out above we may transfer Personal Information to parties located in other countries subject to the applicable laws and this Privacy Policy. For example, we may transfer Personal Information in order to process international insurance claims. We may transfer information internationally to our group companies, service providers, business partners and governmental or public authorities. By providing Personal Information and other information to RiverStone, its subsidiaries or affiliates, and/or by sending a communication to an RiverStone or one of its e-mail addresses, you understand and consent to the collection, use, processing disclosure and transfer of such information in the United States and other countries or territories, which may not offer the same level of data protection as the country where you reside, in accordance with the terms of this Privacy Policy. Further, please note that any communication you send to a RiverStone e-mail address will be routed through the United States of America.
Security
RiverStone will take appropriate technical, physical, legal and organizational measures, which are consistent with applicable privacy and data security laws. Unfortunately, no data transmission over the Internet or data storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any Personal Information you might have with us has been compromised), please immediately notify us.
When RiverStone provides Personal Information to a service provider controlled by RiverStone, the service provider will be selected carefully and required to use appropriate measures to protect the confidentiality and security of the Personal Information as described in this Privacy Policy including under applicable contract, law or regulations. If we believe the security of your Personal Information in our possession or control may have been compromised, we may seek to notify you of that development. If a notification is appropriate, we would endeavor to do so as promptly as possible under the circumstances, and, to the extent we have your e-mail address, we may notify you by e-mail.
Social Security Numbers
It is our policy to protect Social Security Numbers that we collect in the course of our business as confidential consistent with HIPAA, this Privacy Policy, and applicable law. This includes maintaining physical and electronic security procedures to guard against unauthorized access to Social Security Numbers. We also limit access to Social Security Numbers, by, among other means, only granting access to Social Security Numbers to our employees, contractors, or service providers who use that information to perform their job-related duties. In addition, we do not disclose Social Security Numbers to third parties or Other Third Parties, except where required or permitted by law.
We take our responsibility to safeguard your information seriously and employ multiple safeguards in order to help insure that your information is protected as it is transmitted from your computer and stored on our computers at RiverStone.
Firewall
Once your information reaches our servers we protect it in many ways including storing the information on secure servers and using a device known as a firewall which protects your information by detecting and preventing unauthorized access to the information.
Authorized Access
Working with our firewalls and other mechanisms, we also protect your information by only allowing access to your information by employees and authorized parties who have a legitimate and verified need to access the information in order to service your requests and administer policies and claims.
Questions and Concerns
Please contact us as set out in the “Who to Contact About Your Personal Information” section above with any such requests or if you have any questions or concerns about how we process Personal Information.
Third-Party Privacy Practices
This Privacy Policy does not address, and we are not responsible for, the privacy, information or other practices of any third parties who are not controlled by RiverStone. (The responsibility as to third-party service providers controlled by RiverStone is described in the Security section above.) The inclusion of a link on the website does not imply endorsement of such linked site. Please note that we are not responsible for the collection, usage and disclosure policies and practices (including the data security practices) of such organizations, such as Facebook, Apple, Google, Microsoft, RIM or any other software application developer or provider, social media platform, operating system or wireless service provider, or device manufacturer, including any Personal Information you disclose to such organizations. If you should link to a third-party website from this website, we strongly encourage you to review and become familiar with that website’s privacy policy.
Use of Services by Minors
This website is not directed toward individuals under the age of eighteen (18) years old. RiverStone is not in the business of intentionally collecting Personal Information from individuals under the age of eighteen (18) years old through this website. These individuals should not provide Personal Information through this website.
Changes to This Privacy Policy
We review this Privacy Policy regularly and reserve the right to make changes at any time to take account of changes in our business and legal requirements. We will place updates on our website.
Please review the “LAST UPDATED” date at the top of this Privacy Policy to see when it was last revised.