Casualty Actuarial Society
4350 Fairfax Dr, Suite 250
Arlington, VA 22203
Attn: Data Protection Officer
2. CAS Mission; Legitimate Uses
You may read the CAS description and mission at https://www.casact.org/about/. Any information we collect serves to further our mission, including, but not limited to the following:
- Provide relevant information to our potential members, active members, constituents and stakeholders, and the general public
- Respond to inquiries relating to the CAS
- Promote CAS events, programs, activities, and educational opportunities
- Perform our contractual obligations with members in good standing, registered attendees at our events, and subscribers of our publications and other products/services
- Administer and manage our certification exams, continuing education, and other related programs
3. Information We Collect About You; Purposes
You can access some areas of the website without submitting any information to us. However, if you wish to access additional content available on this website or participate in some the CAS’ activities, we may ask you to provide us personally identifiable information/personal data for the following purposes:
- Join the CAS as a member or renew membership
- Register for an event
- Sit for certification exams
- Purchase items through the CAS online store
- Subscribe to newsletters or publications
- Create a website account
- Donate to the CAS
- Contact the CAS
You will be entering into a contract with us by participating in any of the foregoing activities, and it will be necessary for the CAS to collect your personal data in order to perform this contractual obligation with you.
Personal Data That You Voluntarily Provide to Us. The CAS only collects personal data you voluntarily submit to us. The types of personal data we collect vary based on the programs, services, and products you wish to engage in, but generally include your name, business affiliations, contact information, telephone number, email address, postal address, and credit card information. While credit card information is obtained to purchase memberships, services, and products, this information is encrypted and not retained by the CAS or vendors we contract with for processing that information.
Additionally, when you create a profile on our website or app, we will collect the information that you elect to upload to your profile, such as biography, your education and job history, and company information. You should carefully consider whether you wish to submit personal data and tailor any content you submit appropriately.
Information Received From Other Sources. We may receive information about you from publicly available third-party databases or services that provide information about business people and companies, and combine this data with information we already have about you. This helps us to update, expand, and analyze our records, identify new potential members, and provide products and services that may be of interest to you.
The CAS maintains a data storage, retention, and disposal policy that governs the retention period of CAS records. It is the CAS’ general policy to keep your personal data for a period of 7 years following your last contact with us, or your last business transaction with the CAS. Notwithstanding the foregoing, the CAS may keep your personal data for a longer period as required by law or as needed in legal proceedings or to fulfill legitimate interests.
Automatically Collected Data. When you visit the website, we collect and store certain other information automatically that may not identify you personally:
- Internet Protocol (IP) address. An IP address is a number that is automatically assigned to the computer you are using whenever you access the Internet
- Type of browser and operating system used to access our website
- Date and time you accessed our website
- The pages of our website that you accessed
We use the foregoing information in the form of summary statistics to help us make our website more useful to our visitors, such as assessing what information is of most and least interest.
4. How We Use Information
We will use the information you provide to us in order to carry out the CAS mission and relevant programs and activities, to fulfill our contractual obligations, and for internal use (by CAS staff, board/committee members, and consultants/vendors) such as performing marketing studies, research projects, and program development in support of the CAS mission.
There may be times we share de-identified, aggregate information - such as the number of hits per page - with our business partners and with advertisers, sponsors, and other third parties to customize or enhance the content and advertising on the website for our users.
5. How We Share and Disclose Information
We publicly post the names of those individuals who have earned ACAS, FCAS, CERA, and CSPA designations. CAS Fellows and Associates are included in the publicly available online membership directory. All members, active candidates, subscribers, members of CAS Student Central, and members of CAS Academic Central are included in the directory accessible through the CAS online community.
We do not share, sell, or rent information to any third-party processors for their promotional use or for marketing purposes except in the following circumstances:
- Association Agents/Selected Vendors: Your personal information may be used within CAS or by a company acting as an agent of CAS or for operational support purposes, including but not limited to event registration, content management and analysis, system maintenance, email distribution, printing, and mailing. These vendors include Community Brands, Higher Logic, Matrix Group, REQ, and Bluesky, as well as companies who print and mail CAS publications on our behalf.
- Association Partners and Regional Affiliates: CAS may share your information with carefully selected association partners and regional affiliates whose products and services may be of interest to our members and community or as a benefit of membership with the CAS. More specifically, the CAS shares member information for inclusion in the Directory of Actuarial Membership at actuarialdirectory.org. All CAS business partners and affiliates are obligated to implement opt-out mechanisms and honor any opt-out requests by recipients in compliance with applicable laws.
- Association Conference/Meeting Attendee lists: CAS uses NetForum Enterprise from Community Brands to process conference and meeting registrations. The list of CAS conference and meeting registrants, including the attendees’ contact information provided as part of registration, is provided for one-time use to authorized exhibitors for that one conference/meeting. Attendees are automatically opted out of being included on the foregoing list and may opt in to receive information from our vendors and sponsors during the time of registration.
- Association Webinar Attendee list/contact info: CAS contracts with a third-party webinar vendor, BlueSky, to deliver educational programs for members and participants. The list of attendees is not made available to third parties at this time but may be used to suggest content and educational opportunities to participants by the CAS.
- Links provided on CAS newsletters: For our electronic newsletters or communication that we send to our members and subscribers, the CAS and its selected agents/business partners may track whether a recipient subsequently clicks through to links provided in the message that collect specific information such as: email address of user, the date and time of the user’s “click,” a message number, name of the list from which the message was sent, tracking URL number, and destination page. CAS and its agents/business partners may use this information to customize profiles for our members in order to enhance our products and services that may be of interest to CAS members. Members may opt out of receiving these mailings via their online profile.
When you terminate your membership or cancel website account access, CAS may continue to share information about you according to our legal and regulatory requirements.
Notwithstanding the foregoing, CAS may disclose your personal information as required by law or as needed in legal proceedings when CAS believes in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.
In addition, in the event of a merger, acquisition, or any form of sale or transfer of some or all of our assets to a third party, we may also disclose your personal information to the third parties concerned or their professional advisors. In the event of such a transaction, the personal information held by CAS will be among the assets subject to the transaction.
6. Credit Card Information
CAS does not disclose credit card information provided by its members or customers. When members or customers choose to pay using their credit cards, CAS submits the information needed through secure payment processors to conduct the transactions. No credit card numbers are stored on CAS websites or within CAS management systems.
7. Communications From CAS/How to Update Preferences
Except for transactional communications necessary to perform CAS contractual obligations, we will not send you promotional information without your consent, and you can withdraw consent at any time or update your preferences by following the instructions included in each communication, by logging into your website account and utilizing the communications preferences setting, or by contacting the CAS Administrative and Customer Support department (ACS) at ACS@casact.org.
8. How to Access, Correct And Delete Information
You may access, correct, or delete your personal information by logging into your website account and utilizing the setting function under your profile, or by contacting the CAS Administrative and Customer Support Center at ACS@casact.org. In addition, you may request a copy of the information CAS holds about you so you can correct or amend information that may be inaccurate or incomplete by contacting us at ACS@casact.org. We may ask you to provide sufficient evidence of your identity for your own protection so we can ensure that information is being released to the correct person. We will respond to your request to access your information within 30 days.
In some cases, our business requirements and legal obligations may prevent us from being able to delete your information. If we are unable to delete your information, we will inform you and detail reasons why.
9. Children's Information
The website is not intended for children under 13 years of age. CAS does not knowingly collect personal information from children under 13 years of age. If CAS discovers that a child under the age of 13 has provided us with personal data, we will delete the child’s personal data.
10. Security Measures
The website has security measures in place to protect the loss, misuse, or alteration of the information under CAS control. When you enter sensitive information (such as credit card number) as part of the purchase process, we use a credit card processor and encrypt the transmission of that information using secure socket layer (SSL) technology.
When you submit information to CAS through our website, you should be aware that your information is transmitted across the Internet and that no method of transmission is 100% secure. Although we take reasonable security measures to protect your information when we receive it, you also need to ensure you take appropriate steps to protect your information.
11. International Website and Cross-Border Data Transfers
12. EU Residents Only - GDPR (General Data Protection Regulation)
This section applies if you are an individual located in the European Union or European Economic Area. Under the General Data Protection Regulation (Regulation EU 2016/679, also known as GDPR), you may have certain rights as a data subject. To request information about those rights, please send an email to firstname.lastname@example.org with “GDPR Request” in the subject line. In the email please describe, with specificity, the GDPR right you are requesting assistance with. Please note that additional information may be requested prior to responding to a request. Upon CAS’ completion of its review you will be notified if your request has been granted, denied, or exemptions apply.
Cookies are files that contain information created by a web server that can be stored on a user’s hard drive for future use.
The CAS utilizes Google Analytics to better understand how users access information on the CAS family of websites. This service collects information through its cookies such as how often users visit the website, what pages they visit, and how long they visit specific pages.
14. Privacy Issues and Links to Other Sites
The website may contain links to other third-party websites that are not affiliated with CAS. CAS has no control over and is not responsible for the privacy policies or content of such sites.
15. Social Media Widgets
16. Amendments and Updates
Effective Date: February 2021