Skip to main

Terms & Conditions

TERMS AND CONDITIONS OF IRIS POWERED BY GENERALI IDENTITY PROTECTION PRODUCTS

Generali Global Assistance, Inc., dba Iris® Powered by Generali (“Iris” and “We”) provides the services listed below (“the Products”), which are part of Iris Identity Protection Program ("IDP"). The IDP Products may only be used by you in accordance with these Terms and Conditions (the “Terms”). Services listed below are available for one person only “Member”.

Some IDP Product features may be provided through authorized third party providers and may be subject to additional terms and conditions implemented by those authorized providers.

A. DEFINITIONS

“Member” and “You” means an individual person who has purchased IDP and is duly enrolled in compliance with the terms of enrollment. A Member must be at least 18 years of age to purchase IDP and a citizen or legal resident of the United States of America.

B. PREVENTION AND DETECTION PRODUCT SERVICES

IMPORTANT NOTICE: AS AN IDP MEMBER YOU ARE ENTITLED TO RECEIVE ANY OF THE IDP SERVICES LISTED BELOW THAT ARE INCLUDED IN YOUR IDP MEMBERSHIP PLAN. IN ORDER TO USE SOME SERVICES INCLUDED IN YOUR IDP MEMBERSHIP YOU MUST FIRST ACTIVATE THE INDICATED SERVICES BY PROVIDING US OR OUR APPROVED THIRD PARTY SERVICE PROVIDERS WITH ADDITIONAL INFORMATION ABOUT YOURSELF. PROVIDING SUCH INFORMATION IS ENTIRELY OPTIONAL, BUT IF YOU CHOOSE NOT TO PROVIDE THE REQUESTED INFORMATION, SOME INCLUDED SERVICES WILL NOT BE AVAILABLE FOR YOU TO USE OR YOU MAY NOT BE ABLE TO RECEIVE ALL THE FEATURES OF INCLUDED SERVICES. ALL PERSONAL INFORMATION WE RECEIVE FROM YOU WILL BE TREATED AS CONFIDENTIAL AND WILL BE USED ONLY BY IRIS AND ITS APPROVED SERVICE PROVIDERS TO HELP PROVIDE THE PRODUCT SERVICES YOU HAVE REQUESTED.

1.  24/7 Expertise: Iris’ U.S. based Identity Theft resolution specialists and online resources are available 24/7 to educate you about how identity theft occurs as well as provide tips to help keep your identity safe.

2. Opt-Out Services: will assist you with opting out of pre-approved direct mail credit card offers and marketing phone calls.

3. ScamAssist® Research Service: Iris will attempt to help you determine if an offer or solicitation you have received is an apparent scam, is from a malicious source, or is otherwise unsafe to engage with. You will be entitled to open up to four (4) ScamAssist cases in any given calendar month. Please see Section D.3 of these Terms, Limitations and Exclusions, paragraph 4, ScamAssist Research Service Limitations, for further information on these services.

C. IDENTITY THEFT RESOLUTION PRODUCT SERVICES

If you  experience an identity theft incident (“Identity Theft”) our Identity Theft Resolution services can help. Upon notification of an Identity Theft of a Member and receipt of a duly completed and executed authorization form from the Member, we treat each Identify Theft as an emergency and will perform any or all of the following steps necessary to attempt to undo or prevent further damage to you:

1. 24/7/365 US Based Certified Identity Theft Resolution Specialists: Our team of Identity Theft Resolution Specialists is available 24/7 year-round to help resolve your Identity Theft incident and prevent further damage.

2. Spanish and French Support: Iris will provide support in English, Spanish, and French through its 24/7 call center located in Washington D.C.

3. Translation Services: If you are abroad, we will help you communicate with the local authorities including assistance with filing   an Identity Theft report. It is the responsibility of the Member to pay for any cost associated with the translation services.

4. Attempted Resolution: An Iris’ identity theft resolution specialist will perform the necessary tasks to attempt an identity resolution for you (after a police report, limited power of attorney, and identity theft affidavit are completed and submitted).

5. Assist with Pre-Existing Incidents: Even if an incident of Identity Theft occurred prior to your joining our Program, as long as you were not aware of this incident at the time of your enrollment, our Resolutions Specialists will work to correct any identity-related issues you may be experiencing from this pre-existing incident.  (INSURANCE COVERAGE IS EXCLUDED FOR THIS SERVICE).

6. ID Theft Affidavit Assistance and Submission: If your identity has been compromised, we’ll provide you with a pre-populated identity Theft affidavit to dispute any fraudulent claims or activity. After assisting with its completion, we will submit it to the authorities, credit bureaus and creditors on your behalf.

7. Creditor Notification, Dispute and Follow-Up: We’ll contact your creditors’ fraud departments  to dispute each fraudulent occurrence. We will also continue to follow-up until each matter has been properly handled keeping you notified throughout the process with a status report on a regular basis.

8. Fraud Alert Placement: If the Member’s identity is at risk, the Member may place a 1-year fraud alert on his or her credit file. Fraud alerts notify lenders to contact the Member before issuing new credit, making it more difficult for thieves to open new accounts in the Member’s name without his or her knowledge. GGA will assist with placing a fraud alert on the Member’s records at all three major credit bureaus to add a layer of protection from fraudulent activity. A fraud alert can be set by the Member directly with TransUnion or with the other credit bureaus. By setting up an Initial One Year Fraud Alert with TransUnion , the Member will have a fraud alert with the other two credit bureaus. The Member may place a fraud alert provided the Member has a good faith suspicion that he or she is or is about to become a victim of identity fraud or related crime, including identity theft.  Extended Fraud Alerts and Active Duty Fraud Alerts can only be set by the Member directly with TransUnion or with the other credit bureaus.  Placing an Extended Fraud Alert or an Active Duty Fraud Alert with one credit bureau will not set it up with the other two. The Member has to place Extended Fraud Alerts or/and Active Duty Fraud Alerts with each credit bureau separately.

9. Inform Police/Legal Authorities: We’ll assist you in reporting the fraudulent activity to the local authorities and we will forward a report of the fraudulent activity to creditors.

10. Locate Authorities Nearby: When you are away from home, we will assist in locating local authorities for you to report any incidents of fraudulent activity.

11. Credit Freeze: If you need to block suspicious activity occurring on your credit file, we’ll work with the major credit bureaus to place a credit freeze on your credit record(s) in states where this service is available in accordance with state law.

12. Lost Wallet Assistance: We’ll assist with notifying the appropriate bank or issuing authority to assist you in canceling or replacing stolen or missing items such as credit/debit card, driver’s license, Social Security card, or passport.

13. Medical Identity Theft Assistance: In the event you become the victim of medical identity theft, we’ll provide help with fraudulent medical claims placed in your name and medical care that was received fraudulently by another individual in your name. We will help you to ensure that healthcare, insurance claims and medical records are corrected and we will involve our in-house medical staff if necessary.  

14. Emergency Cash Advance: If you experience Identity Theft more than 100 miles from your primary place of residence, we’ll provide you an emergency cash advance of up to $500. All costs associated with this service will be your responsibility. These services must be secured by a valid credit card. Any advance made to you, not otherwise secured by a valid credit card and paid to) Iris by the credit card company within 30 days of such advance, must be reimbursed by you to us within 45 days from the date such advance is made. Thereafter any amount due will accrue interest at a rate of 1.5% per month. Notwithstanding anything to the contrary herein, Iris shall be under no obligation to advance funds not otherwise secured by a valid credit card.

15. Emergency Travel Arrangements and Journey Continuation: If you experience Identity Theft while traveling more than 100 miles away from home, we’ll assist with making emergency travel arrangements, including airline, hotel, and car rental reservations. Costs associated with these arrangements are your responsibility.

16. Removal from Telemarketing Lists Our opt-out service helps you reduce the number of credit card direct mail offers and marketing phone calls you receive, some of which could be arranged by scammers to steal your identity. 

17. Reduced Pre-approved Credit Offers: Our opt-out service helps protect your privacy by reducing pre-approved credit card offers, some of which can be sent by fraudsters to steal your personal information.

18. Identity Theft Resolution Kit: Our identity theft protection kit explains different types of identity theft and includes prevention tips. In addition, it comes with resolution resources such as a Federal Trade Commission sample affidavit, as well as sample letter templates for filing disputes in case of identity theft or fraud.

19. $1 Million Identity Theft Insurance: If you become a victim of identity fraud while enrolled in the IDP, the Identity Theft Insurance can reimburse you for covered out-of-pocket expenses related to the recovery process and professional service fees associated with identity and resolution. For a copy of your Summary of Benefits, click here and Master Policy click here.

Identity Theft Insurance provides coverage for the following reasonable and necessary costs resulting from an Identity Theft event:

  • refiling applications

  • long distance phone calls

  • postage

  • document notarization

  • child/elder care

  • initial legal consultation

  • legal costs

  • lost income

  • mental health counselling

  • travel expenses

Payment limits exist for each reimbursable category and some exclusions apply. Please carefully read the full summary of benefits and the actual Master Policy of insurance to understand full coverage benefits and applicable exclusions and limits of coverage.

Identity Theft Insurance is provided under a master policy of insurance underwritten by Generali U.S. Branch that has been issued to Kaspersky Lab Switzerland GmbH.  .This summary is intended for informational purposes only and does not include all terms, conditions and exclusions of the policy. Coverage may not be available in all jurisdictions. Members must refer to the actual policy for terms, conditions, and exclusions of coverage. Members must also review their summary description of benefits.  Generali US Branch (New York, NY; NAIC # 11231) operates under the following names: Generali Assicurazioni Generali S.P.A. (U.S. Branch) in California, Assicurazioni Generali – U.S. Branch in Colorado, Generali U.S. Branch DBA The General Insurance Company of Trieste & Venice in Oregon, and The General Insurance Company of Trieste and Venice – U.S. Branch in Virginia. Generali US Branch is admitted or licensed to do business in all states and the District of Columbia.

D. LIMITATIONS AND EXCLUSIONS

1. General Limitations

EXCEPT FOR EXPRESS WARRANTIES, IF ANY, STATED IN THESE TERMS AND CONDITIONS, ANY SOFTWARE USED OR SERVICES PROVIDED IN CONNECTION WITH THE IDP AND ASSOCIATED PRODUCTS, IS PROVIDED “AS IS,” WITH ALL FAULTS, AND THE ENTIRE RISK AS TO SATISFACTORY QUALITY, PERFORMANCE, ACCURACY, AND EFFORT IS WITH YOU, THE USER. IN ADDITION, IRIS EXPRESSLY DISCLAIMS ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND SUITABILITY FOR YOUR INTENDED PURPOSES.

2.  Identity Theft Resolution Services Limitations

a. Identity Theft(s) discovered by Members prior to enrollment in the IDP are not eligible for services nor for insurance.

b. Iris does not guarantee that its intervention on behalf of the Member duly enrolled in the IDP will result in a particular outcome or that its efforts on behalf of the Member will lead to a result satisfactory to the Member.

с. Iris services do not include, and Iris shall not assist the Member for, thefts involving non-US bank accounts.

d. Some creditors may require the Member to provide their authorization over the telephone before our Resolution Specialists can begin to work with the creditor directly in resolving an identity theft case.

e. Iris provides its Emergency Cash, Travel Arrangements, Translation and Lost Wallet Assistance services in all countries of the world. However, Iris may determine that services cannot be provided in certain countries or locales because of situations such as war, natural disaster, political instability or regulatory restrictions. Iris will attempt to assist a Member consistent with the limitations presented by the prevailing situation in the area.

f. Services cannot always be assured if conditions such as war, disaster or political instability render assistance Services difficult or impossible to provide.  In such instances, Supplier reserves the right to suspend, curtail or limit its services in any area in the event of rebellion, riot, military uprising, war, terrorism, labor disturbance, strikes, nuclear accidents, acts of God or refusal of authorities to permit Supplier to fully provide Services or inclusion on an economic or trade sanction list (such as, but not limited to the U.S. Department of the Treasury’s Office of Foreign Assets Control List).

g. Iris shall not be responsible for failure to provide, or for delay in providing services when such failure or delay is caused by conditions beyond its control, including but not limited to labor disturbance and strike, rebellion, riot, civil commotion, war, terrorism, or uprising, nuclear accidents, natural disasters, acts of God, inclusion on an economic or trade sanction list or where rendering services is prohibited by local law or regulations.

h. MANY GOVERNMENT RECORDS ARE AVAILABLE FREE OR AT A NOMINAL COST FROM CERTAIN GOVERNMENT AGENCIES. IN ADDITION, CREDIT REPORTING AGENCIES ARE REQUIRED BY LAW TO GIVE YOU A COPY OF YOUR CREDIT RECORD UPON REQUEST AT NO CHARGE OR FOR A NOMINAL FEE. NONE OF THE PRODUCTS OFFERED THROUGH THIS SITE ARE INTENDED AS A SUBSTITUTE FOR THE CONSUMER CREDIT INFORMATION THAT MAY BE AVAILABLE TO YOU WITHOUT CHARGE. PRIOR TO PURCHASING ANY PRODUCT, YOU SHOULD VISIT WWW.ANNUALCREDITREPORT.COM FOR FURTHER DETAILS REGARDING YOUR RIGHT TO OBTAIN A COPY OF YOUR CONSUMER CREDIT FILE.

3. ScamAssist® Research Service Limitations

  1. 1. In the ScamAssist® Research Service, Iris Resolution Specialists research and attempt to determine whether the offer or solicitation a Member has received is an apparent scam, is from a malicious source, or is otherwise unsafe to engage with. Members should be aware that no system used to detect scammers, malware or dangerous items is entirely successful or foolproof.  Accordingly, Members who use ScamAssist and any findings and/or safety assessment provided to Members in the content of the email do so entirely at the Members’ own risk.

  2. 2. Iris’s ScamAssist services are provided to Members on an "AS IS" and "AS AVAILABLE" basis. Without limiting the foregoing, Iris AND ITS AFFILIATES, AGENTS, PARTNERS AND SUBSIDIARIES DISCLAIM ANY WARRANTIES, EXPRESS OR IMPLIED, OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT IN CONNECTION WITH SCAMASSIST.

  3. 3. Iris may use or rely upon third-party websites or resources to perform ScamAssist®.  By using ScamAssist, the Member acknowledges and agrees that Iris is not responsible or liable for:  (i) the availability or accuracy or effectiveness of such websites or resources; or (ii) the content, products, or services on or available from such websites or resources.  Usage by Iris of such resources, or links to such websites or resources that may be found on the Iris website, does not imply any endorsement by Iris of such websites or resources or the content, products, or services available from such websites or resources. By using ScamAssist, the Member acknowledges sole responsibility for and assumes all risk arising from Member’s reliance on Iris’s findings based on Iris’s use of any such websites or resources. 

4. Services availability country limitations

Please, check below if the service is available in your region before completing your purchase.

Identity Theft Resolution Services and ScamAssist® Research Service are available only in: USA, United Kingdom, Ireland, Canada, Australia, New Zealand, Germany, France, Italy, Spain, Switzerland, Belgium, Austria, South Africa, Mexico.

Identity theft insurance is available only in: USA, United Kingdom, Ireland, Germany, France, Italy, Spain.

E. GOVERNING LAW AND JURISDICTION

These Terms shall be deemed to be made in the State of New York and shall in all respects be interpreted, construed and governed by and in accordance with its laws without application of conflicts of law provisions. For any disputes arising out of the Terms, the parties irrevocably submit to the jurisdiction of the local and federal courts of New York, which shall serve as the exclusive forum for the purposes of any suit, action or other proceeding, except for a suit by Iris seeking injunctive relief, which Iris may pursue in any appropriate forum.

F. LIMIT OF LIABILITY

By enrolling in the IDP and/or by using any of the services, you, as Member agree that the total and exclusive liability of Iris and its employees, officers, directors, attorneys, agents, assigns and third-party contractors (the “Iris Parties”) to any Member for any claims, demands or damages relating to or arising out of IDP, the provision of services or any failure to provide services, shall be limited, in the aggregate, to fifty dollars (U.S. $50.00) (“Limit of Damages”). You, as Member agree to indemnify and hold the Iris Parties harmless for all damages, costs and expenses, including reasonable attorneys’ fees and costs, incurred by Iris in or relating to any legal proceeding brought by or on behalf of any Member for any claim, demand or damages in excess of the Limit of Damages. To the maximum extent permitted by law, notwithstanding any other provision of these Terms, in no event shall Iris be liable to you or any Member for any exemplary or punitive damages, any remote or consequential damages or any damages not arising directly and proximately from the provision of services, regardless or whether or not such damages were reasonably foreseeable by Iris at the time of the provision of services or the Member’s enrollment in the IDP.

Summary of Benefits

GENERALI – U.S. BRANCH

SUMMARY DESCRIPTION OF BENEFITS

IDENTITY INSURANCE

This Summary Description of Benefits (the “Summary”) is provided to inform “you” that as a member of Kaspersky Lab Switzerland GmbH “you” are entitled to benefits under the “policy” referenced below. This Summary does not state all the terms, conditions, and exclusions of the “policy”. “Your” benefits will be subject to all of the terms, conditions, and exclusions of the “policy”, even if they are not mentioned in this Summary. A complete copy of the “policy” will be provided upon request.

The “policy” of Identity Insurance Coverage has been issued to Kaspersky Lab Switzerland GmbH (herein referred to as the “policyholder”), under Policy Number 458256 underwritten by Generali – U.S. Branch to provide benefits as described in this Summary.

GENERAL INFORMATION

Company Name: Mailing Address:

Generali – U.S. Branch

7 World Trade Center 

250 Greenwich St. 33rd Floor

New York, NY 10007-0010

Should “you” have any questions regarding the “membership program” provided by the “policyholder”, or wish to view a complete copy of the “policy”, please call the customer service number located in “your” membership materials. 

LIMITS OF INSURANCE

Aggregate Limit of Insurance

$20,000,000                    

per policy period

Per Occurrence Limit of Insurance

$1,000,000

per policy period

Per Person Limit of Insurance

$1,000,000

per policy period

Costs for refiling applications/replacement of documents

(Included)                       

per policy period

Costs of long distance phone calls and postage

(Included)                        

per policy period

Costs of notarizing affidavits or other similar documents

(Included)                        

per policy period

Child/Elder Care

 

$500/day
up to $25,000

per policy period

Initial Legal Consultation

 

(Included) 

per policy period

Additional Legal Costs

 

(Included)                        

per policy period

Loss of Income

 

$500/day
up to $25,000

per policy period

Mental Healthcare Costs

 

$1,000                              

per policy period

Travel Costs

 

$5,000                             

per policy period

Credit Reports

 

(Included)

per policy period

Medical Records

 

(Included)

per policy period

TABLE OF CONTENTS:

REPORTING AN IDENTITY THEFT
FILING A CLAIM
BENEFITS
EXCLUSIONS
COVERAGE SCOPE
LIMITS OF INSURANCE
OTHER INSURANCE
DUPLICATE COVERAGES
TERMINATION OF COVERAGE

REPORTING AN IDENTITY THEFT EVENT

To report an “identity theft event”, please call the customer service number located in “your” membership materials.  

FILING A CLAIM

If “you” have any questions regarding the Identity Theft insurance coverage or wish to file a claim under the “policy”, please contact the customer service number located in “your” membership materials. 

This is a group “policy”.  If the “policy” is terminated, “your” benefits will cease effective on the date of such termination. It is the obligation of the “policyholder” to inform “you” of any termination of the “policy”.

BENEFITS 

Note:  All benefits are subject to the maximum amount stated above for that benefit.

“We” will pay “you” for the following in the event of an “identity theft event”:

1. Costs for refiling applications/replacement of documents:

“We” will pay the actual costs incurred by “you” because of an “identity theft event” for:

a.       re-filing applications for loans, grants or other credit instruments that are rejected and 
b.       replacing documents including driver’s licenses, passports, birth certificates, marriage certificates and stock certificates. 

2. Costs of long distance phone calls and postage:

 “We” will pay the actual costs of long distance phone calls and/or postage incurred by “you” to law enforcement agencies, credit agencies, financial institutions, healthcare providers, merchants or other credit grantors in order:

a.          to report an “identity theft event”; and/or
b.          amend or rectify records as to “your” true name or identity.

3. Costs of notarizing affidavits or other similar documents:

“We” will pay the actual costs of notarizing affidavits or other similar documents incurred by you in order to report an “identity theft event” and/or amend or rectify records as to “your” true name or identity.

4. Child/elder care costs:

“We” will pay costs for care of elderly relatives or child care for which “you” incurred as a result of “your” efforts to amend or rectify records as to “your” true name or identity as a result of an “identity theft event”.  Care must be provided by a professional care provider who is not a relative of “yours”.

5. Initial legal consultation:

“We” will pay the reasonable and necessary fees and expenses incurred by “you” with “our” consent for an attorney approved by “us” for an initial legal consultation.

6. Additional Legal costs:

 “We” will pay the reasonable and necessary fees and expenses incurred by “you” with “our” consent for an attorney approved by “us”. Legal fees and expenses include:

a.         Subject to the maximum amount stated above, the costs for an initial legal consultation;
b.         Defending any “suit” brought against “you” by a creditor, collection agency or other entity acting on behalf of a creditor for non-payment for goods or services or default on a loan solely as a result of an “identity theft event”; 
c.         Removing any civil judgement wrongfully entered against “you” solely as a result of an “identity theft event”;
d.         Defending criminal charges brought against “you” as a result of an “identity theft event”; however, the fees and expenses are only paid after it has been established that “you” were not in fact the perpetrator; e.         Contesting wrongfully incurred tax liability or the wrongful transfer of ownership of “your” tangible property.

7. Loss of income:

 “We” will pay the “actual lost income” that would have been earned for time reasonably and necessarily taken off work and away from the “your” work premises to communicate with law enforcement agencies, legal counsel, credit agencies, financial institutions, healthcare providers, or other credit grantors.  This “actual lost income” must be solely as a result of the “your” efforts to amend or rectify records as to your true name or identity as a result of an “identity theft event”. Computation of lost wages for “self-employed persons” must be supported by, and will be based on, prior year tax returns.

8. Mental healthcare costs: 

Subject to “our” prior consent, “we” will pay reasonable actual costs “you” incur for counseling for shock, mental injury or mental anguish as a result of an “identity theft event”. Such counseling must be provided by a licensed mental health professional who is not a relative of “yours”.

9. Travel costs: 

Subject to our prior consent, “we” will:

a.          pay costs for reasonable additional expenses (including but not limited to, gas, parking, airline tickets and/or rental car expenses) incurred by “you” in traveling to participate in the defense of “suits” brought against you by financial institutions, healthcare providers, merchants, other credit grantors or their collection agencies; 
b.          participate in the criminal prosecution of the perpetrators of the “identity theft event”;  
c.          file in-person loss affidavits and civil or criminal complaints with local law enforcement in the jurisdiction in which the “identity theft event” occurred as required by local law; or 
d.          visit a governmental agency or department of the United States, or of any state or territory of the United States, to rectify records.  

10. Credit Reports:

“We” will pay the cost incurred by “you” of up to six (6) credit reports from established credit bureaus (with no more than two (2) reports from any one credit bureau).

11. Medical Records:

“We” will pay the costs incurred by “you” for ordering medical records for the purpose of amending and/or rectifying those documents. 

An “identity theft event” means the fraudulent use of “your” name, address, social security number, bank or credit card account number or other personally identifying information or other method of identifying “you”.  “Identity theft event” includes “medical identity theft”. “Medical identity theft” means the theft of “your” personal or health insurance information to obtain medical treatment, pharmaceutical services or medical insurance coverage or to submit false claims for medical services or goods. An “identity theft event” does not include the theft or unauthorized or illegal use of “your” “business” name, d/b/a or any other method of identifying “your” “business” activity. All “loss” resulting from an “identity theft event(s)” and arising from the same, continuous, related or repeated acts will be treated as arising out of a single “identity theft event” occurring at the time of the first such “identity theft event”.

EXCLUSIONS

The “policy” does not apply to any “loss” arising directly or indirectly, in whole or in part, out of the following:

1. Bodily Injury

Any physical injury, sickness, disease, disability, including required care, or loss of services sustained by a person, including death resulting from any of these at any time.

2. Dishonest Acts

Any dishonest, criminal, malicious or fraudulent acts if “you” who suffered a “loss” willingly participated in, directed, or had knowledge of such acts.

3. Natural Disaster (Act of God)

Any fire, smoke, explosion, lightning, wind, water, flood, earthquake, volcanic eruption, tidal wave, landslide, hail, an act of God or any other physical event.

4. Political Risk, Financial Guarantee & Risk Exclusion

Any: 

a.     Contract frustration including, but not limited to, all forms of non-performance of contractual obligations, import and/or export embargo, non-ratification of contracts, exchange transfer, calling of bonds and guarantees and force majeure indemnities;
b.     Failure or delay in delivery or supply of any form of property whatsoever, unless as a direct result of physical damage; and
c.     Form of financial guarantee, surety or credit indemnity.

5. Prior Losses

Any “loss” resulting from an “identity theft event” that occurred prior to the inception date of this “policy”.

6. Professional or Business

Any “business” activity, including without limitation, any “loss” connected to an “account” used for “business” purposes.

7. Proper Authorities

Any “identity theft event” not reported to the police in writing.

8. Public Authority

Any destruction, confiscation or seizure by order of any government or public authority.

9. Reporting

Any “loss” resulting from an “identity theft event” reported to “us”:

a.     more than six (6) months after the “identity theft event” occurred, or;
b.     more than ninety (90) days after the “identity theft event” is first discovered by “you”,

       whichever is earlier.

10. Terrorism

Terrorism (whether declared or not and whether domestic or foreign) includes an unlawful act, including the use of force or violence, of any person or group(s) of persons, whether acting alone or on behalf of or in connection with any organization(s), committed for political, religious, or ideological purposes including the intention to influence any government and/or to put the public in fear for such purposes.

11. Theft by Immediate Family Members

Any “loss” caused by “your” immediate family member without signature authority, subject to the following: 

a.     An immediate family member for purposes of this exclusion includes the following:

(1)   “Your” “spouse” (or analogous “domestic partner” recognized by law, such as a civil union);

(2)   “Your” “dependent” child; or 

(3) A “dependent” child of “your” “spouse”

at the time of the “identity theft event”;

b.     The foregoing exclusion is not applicable provided that “you” file a report with appropriate law enforcement authorities regarding the “identity theft event” within fourteen (14) days after “your” discovery of the “identity theft event”.

12. Voluntary Disclosure

The voluntary disclosure of any code or other security information that can be used to gain access to any of “your” accounts to someone who subsequently contributes to an “identity theft event”.  However, this exclusion will not apply if such disclosure was made when “you” were under duress or the victim of fraud.

13. War

War (whether declared or not) including civil war, insurrection, act of foreign enemy, civil commotion, fractional civil commotion, military or usurped power, rebellion, revolution, invasion, hostilities or warlike operations or mutiny or any act or condition incident to war.

COVERAGE SCOPE

Subject to the  “policy’s” terms, conditions and exclusions, the “policy” provides benefits to “you” only if: (1) “you” report an “identity theft event” to the “policyholder” at the customer service number located in “your” membership materials as soon as “you” become aware of an “identity theft event”, but in no event later than ninety (90) days after the “identity theft event” is discovered; and (2) “you” follow the instructions given to “you” in a claims kit that “you” will be provided.   These instructions will include notifying major credit bureaus, the Federal Trade Commission's Identity Theft Hotline and appropriate law enforcement authorities. “You” will also be provided with a claim form and instructed how to file for benefits under the “policy” if the “identity theft event” results in “losses” covered under the “policy”.

“You” will only be covered for an “identity theft event”:

1.     That occurs during the “policy period”, is first discovered by “you” while “you” are a member of the “policyholder's insured program and is reported to “us” within ninety (90) days of such discovery, or 

2.     Within six months of the occurrence of an “identity theft event” that occurs during the “policy period” while “you” are a member of the “policyholder’s” insured program, 

whichever is earlier.

“You” will not be covered if the “identity theft event” first occurs after termination of the “policy” or termination of “your” membership in the “policyholder's” insured program.

LIMITS OF INSURANCE

The most “we” will pay “you” cannot exceed the Aggregate Limit of Insurance shown above. All Additional Legal Costs are part of and subject to the Aggregate Limit of Insurance. The other Limits of Insurance shown above are sub-limits of the Aggregate Limit of Insurance and the most “we” will pay “you” for those coverages. 

OTHER INSURANCE

“We” are excess over any other insurance, including, without limitation, homeowner’s or renter’s insurance. If “you” have other insurance that applies to a “loss” under this “policy”, the other insurance will pay first. This “policy” applies to the amount of “loss” that is in excess of the Limit of Insurance of “your” other insurance and the total of all “your” deductibles and self-insured amounts under all such other insurance. In no event will “we” pay more than “our” Limits of Insurance as shown above.

 DUPLICATE COVERAGES

If “you” are enrolled in more than one “membership program” insured by “us”, or any of “our” affiliates, “we” will reimburse “you” under each “membership program”:

1.     Subject to the applicable deductibles and Limits of Insurance of each insured “membership program”;

2.     But in no event will the total amount reimbursed to “you” under all “membership programs” exceed the actual amount of “loss”, and

3.     In no event will the Limit of Insurance under all “membership programs” exceed the largest Limit of Insurance available to “you” under any “membership program” provided by “us”.

TERMINATION OF INSURANCE

“Your” insurance terminates on the date when the “policy” terminates.

Furthermore, after the cancellation, termination or expiration of “your” individual membership in the

“membership program”, “your” coverage under the “policy” is terminated.  There is no coverage for “you” for any “identity theft event” occurring after the effective date and time of such termination.

The “policyholder” will provide “you” with 30 days advanced written notice of the termination. 

Master Policy

GENERALI – U.S. BRANCH IDENTITY INSURANCE

DECLARATIONS

POLICYHOLDER: Kaspersky Lab Switzerland GmbH

POLICYHOLDER ADDRESS: Bahnhofstrasse 69, CH-8001 Zürich, Switzerland

Accepted on behalf of Kaspersky Lab Switzerland GmbH by Kaspersky Lab, Inc., by its Director, Angelo Gentile, located at 500 Unicorn Park Drive, Woburn, MA, 01801

POLICY NUMBER: 458256

POLICY PERIOD:  February 1, 2022   to   January 31, 2023   at 12:01 AM at the Policyholder’s Address.

1.  BENEFITS PROVIDED:

 

COVERAGES

 

LIMITS OF INSURANCE:

 

Costs for refiling applications/replacement documents

 

(Included)

Costs of long distance phone calls and postage

 

(Included)

Costs of notarizing affidavits or other similar documents

 

(Included)

Child/Elder Care

 

$500/day up to $25,000

Initial Legal Consultation

 

(Included)

Additional Legal Costs

 

(Included)

Loss of Income

 

$500/day up to $25,000

Mental Healthcare Costs

 

$1,000

Travel Costs

 

$5,000

Credit Reports

 

(Included)

Medical Records

 

(Included)

2. PER OCCURRENCE:

 

$1,000,000

3. PER PERSON:

 

$1,000,000

4. AGGREGATE LIMIT OF LIABILITY:

 

$20,000,000

GENERALI – U.S. BRANCH IDENTITY INSURANCE

TABLE OF CONTENTS

SECTION I – INSURING AGREEMENT.......................................................

SECTION II – COVERAGES........................................................................

SECTION III – EXCLUSIONS......................................................................

SECTION IV – OBLIGATIONS OF THE POLICYHOLDER............................

SECTION V – OBLIGATIONS OF THE INSURED.........................................

SECTION VI – CONDITIONS......................................................................

SECTION VII – LIMITS OF INSURANCE......................................................

SECTION VIII – DEFINITIONS....................................................................

SECTION IX – CANCELLATION, TERMINATION AND NON-RENEWAL.......

SECTION X – CANCELLATION OF MEMBERSHIP......................................

GENERALI IDENTITY INSURANCE

COVERAGE PART

This policy provides coverage through a “policy” with benefits to insureds. Please read the entire policy carefully to determine the “policyholder’s” and the insured’s right and duties and what is and what is not covered under this policy.

Throughout this “policy”, the terms “we”, “us” and “our” mean the company providing this insurance. “You”, “your” and “yours” refer to the “insured”. Other words and phrases that appear in quotation marks have special meaning and are defined in SECTION VIII – DEFINITIONS.

SECTION I – INSURING AGREEMENT

“We” will pay the “insured” for “loss” resulting from “identity theft events” first occurring during the “policy period” and reported to “us” in within 90 days of discovery by the “insured” or within six (6) months of an “identity theft event”, whichever is earlier.

SECTION II – COVERAGES

Note: All benefits are subject to the maximum amount stated in the attached Declarations for that benefit.

1.     Costs for refiling applications/replacement of documents:

“We” will pay the actual costs incurred by the “insured” as a result of an “identity theft event” for:

a.     re-filing applications for loans, grants or other credit instruments that are rejected; and

b.     replacing documents, including driver’s licenses, passports, birth certificates, marriage certificates and stock certificates.

2.     Costs of long distance phone calls and postage:

“We” will pay the actual costs of long distance phone calls and/or postage incurred by the “insured” to law enforcement agencies, credit agencies, financial institutions, healthcare providers, merchants or other credit grantors in order to:

a.     report an “identity theft event”; and/or

b.     amend or rectify records as to the “insured’s” true name or identity.

3.     Costs of notarizing affidavits or other similar documents:

“We” will pay the actual costs of notarizing affidavits or other similar documents incurred by the “insured” in order to report an “identity theft event” and/or amend or rectify records as to the “insured’s” true name or identity.

4.     Child/elder care costs:

“We” will pay costs for care of elderly relatives or child care for which the “insured” incurred as a  result of the “insured’s” efforts to amend or rectify records as to the “insured’s” true name or identity as a result of an “identity theft event”. Care must be provided by a professional care provider who is not a relative of the “insured”.

5.     Initial legal consultation

“We” will pay the reasonable and necessary fees and expenses incurred by the “insured” with “our” consent for an attorney approved by “us” for an initial legal consultation.

6.     Additional legal costs:

“We” will pay the reasonable and necessary fees and expenses incurred by the “insured” with “our” consent for an attorney approved by “us”. Legal fees and expenses include:

a.     Costs for an initial legal consultation;

b.     Defending any “suit” brought against the “insured” by a creditor, collection agency or other entity acting on behalf of a creditor for non-payment for goods or services or default on a loan solely as a result of an “identity theft event”;

c.     Removing any civil judgment wrongfully entered against the “insured” solely as a result of an “identity theft event”;

d.     Defending criminal charges brought against the “insured” as a result of an “identity theft event”; however, the fees and expenses are only paid after it has been established that the “insured” was not in fact the perpetrator;

e.     Contesting wrongfully incurred tax liability or the wrongful transfer of ownership of an “insured’s” tangible property.

7.     Loss of income:

“We” will pay the “actual lost income” that would have been earned for time reasonably and necessarily taken off work and away from the “insured’s” work premises to communicate with law enforcement agencies, legal counsel, credit agencies, financial institutions, healthcare providers, or other credit grantors. This “actual lost income” must be solely as a result of the “insured’s” efforts to amend or rectify records as to the “insured’s” true name or identity as a result of an “identity theft event”. Computation of lost wages for “self-employed persons” must be supported by, and will be based on, prior year tax returns.

8.     Mental healthcare costs:

Subject to our prior consent, “we” will pay reasonable actual costs the “insured” incurs for counseling for shock, mental injury or mental anguish as a result of an “identity theft event”. Such counseling must be provided by a licensed mental health professional care provider who is not a relative of the “insured”.

9.     Travel costs:

Subject to our prior consent, “we” will:

a.     pay costs for reasonable additional expenses (including but not limited to, gas, parking, airline tickets and/or rental car expenses) incurred by the “insured” in traveling to participate in the defense of “suits” brought against the “insured” by financial institutions, healthcare providers, merchants, other credit grantors or their collection agencies;

b.     participate in the criminal prosecution of the perpetrators of the “identity theft event”;

c.     file in-person loss affidavits and civil or criminal complaints with local law enforcement in the jurisdiction in which the “identity theft event” occurred as required by local law; or

d.     visit a governmental agency or department of the United States, or of any state or territory of the United States, to rectify records.

10.  Credit Reports:

“We” will pay the cost incurred by the “insured” of up to six (6) credit reports from established credit bureaus (with no more than two (2) reports from any one credit bureau).

11.  Medical Records:

“We” will pay the costs incurred by the “insured” for ordering medical records for the purpose of amending and/or rectifying those documents.

SECTION III – EXCLUSIONS

This “policy” does not apply to any “loss” arising directly or indirectly, in whole or in part, out of the following:

1.     Bodily Injury

 

Any physical injury, sickness, disease, disability, including required care, or loss of services sustained by a person, including death resulting from any of these at any time.

2.     Dishonest Acts

Any dishonest, criminal, malicious or fraudulent acts if the “insured” that suffered a “loss” willingly participated in, directed, or had knowledge of such acts.

3.     Natural Disaster (Act of God):

Any fire, smoke, explosion, lightning, wind, water, flood, earthquake, volcanic eruption, tidal wave, landslide, hail, an act of God or any other physical event.

4.     Political Risk, Financial Guarantee & Risk Exclusion

Any:

a.     Contract frustration including, but not limited to, all forms of non-performance of contractual obligations, import and/or export embargo, non-ratification of contracts, exchange transfer, calling of bonds and guarantees and force majeure indemnities;

b.     Failure or delay in delivery or supply of any form of property whatsoever, unless as a direct result of physical damage; and

c.     Form of financial guarantee, surety or credit indemnity.

5.     Prior Losses

Any “loss” resulting from an “identity theft event” that occurred prior to the inception date of this “policy”.

6.     Professional or Business

Any “business” activity, including without limitation, any “loss” connected to an “account” used for “business” purposes.

7.     Proper Authorities

Any “identity theft event” not reported to the police in writing.

8.     Public Authority

Any destruction, confiscation or seizure by order of any government or public authority.

9.     Reporting

Any “loss” resulting from an “identity theft event” reported to “us”:

a.     more than six (6) months after the “identity theft event” occurred, or;

b.     more than ninety (90) days after the “identity theft event” is first discovered by the “insured”, whichever is earlier.

10.  Terrorism

Terrorism (whether declared or not and whether domestic or foreign) includes an unlawful act, including the use of force or violence, of any person or group(s) of persons, whether acting alone or on behalf of or in connection with any organization(s), committed for political, religious, or ideological purposes including the intention to influence any government and/or to put the public in fear for such purposes.

11.  Theft by Immediate Family Members

Any “loss” caused by an immediate family member of the “insured” without signature authority, subject to the following:

a.     An immediate family member for purposes of this exclusion includes the following:

(1)   A spouse (or analogous domestic partner recognized by law, such as a civil union);

(2)   A “dependent” child of the “insured”; or

(3)   A “dependent” child of the “insured’s” spouse; at the time of the “identity theft event”.

b.     The foregoing exclusion is not applicable provided the “insured” files a report with appropriate law enforcement authorities regarding the “identity theft event” within fourteen (14) days after the “insured’s” discovery of the “identity theft event”.

12.  Voluntary Disclosure

The voluntary disclosure of any code or other security information that can be used to gain access to any of the “insured’s” accounts to someone who subsequently contributes to an “identity theft event”. However, this exclusion will not apply if such disclosure was made when the “insured” was under duress or the victim of fraud.

13.  War

War (whether declared or not) including civil war, insurrection, act of foreign enemy, civil commotion, fractional civil commotion, military or usurped power, rebellion, revolution, invasion, hostilities or warlike operations or mutiny or any act or condition incident to war.

SECTION IV – OBLIGATIONS OF THE POLICYHOLDER

As a condition precedent to coverage under this “policy”, the “policyholder” will at all times have the duties and obligations set forth in this section. These duties and obligations are in addition to any obligations of the “insured” otherwise provided for under this “policy”. The “policyholder” will:

1.     Allow “us” to examine and audit all of the “policyholder” records that relate to this “policy”. “We” may conduct the audits during regular business hours during the “policy period” and within three (3) years after the “policy period” ends;

2.     Notify “us” in writing of a “computer attack” that may have resulted in the “unauthorized access” of “personal information” of an “insured”, such notice to be provided within five (5) business days of the “policyholder’s” discovery that a “computer attack” has occurred and, as soon as practicable, notify in writing any potentially affected “insured”;

3.     Take all reasonable steps to use, design, maintain and upgrade its network and “computer system” security and to minimize “computer attacks” of its network and “computer system”;

4.     As soon as practicable, notify the “insured” of its rights and obligations under this “policy” in a form approved by “us”;

5.     Submit to “us” for the review and approval of any informational materials developed by the “policyholder” with respect to the “policy” or “policy” benefits. This shall specifically include, but not be limited to, any materials that refer, directly or indirectly, to Assicurazioni Generali – United States Branch, or the existence of the “policy” issued to the “policyholder”;

6.     Comply with all applicable privacy laws and regulations including, without limitation, all laws and regulations relating to the collection, maintenance and dissemination of “personal information”.

SECTION V – OBLIGATIONS OF THE INSURED

As a condition precedent to coverage under this “policy”, the “insured” will at all times have the following duties and obligations. These duties and obligations are in addition to any obligations of the “policyholder” otherwise provided for under this “policy”:

1.     If an “identity theft event” occurs, the “insured” will notify “us” promptly, but no later than 90 days after discovery by the “insured”, of such “identity theft event”. Notification must be made by calling the number provided in the Summary Description of Benefits, or contacting “us” at [xxx-xxx-xxxx]. The “insured” agrees to follow “our” written instructions to mitigate potential “loss”, which will be provided

to the “insured” in a claims kit. This will include the prompt notification of major credit bureaus, the Federal Trade Commission’s Identity Theft Hotline and appropriate law enforcement agencies.

2.     If an “identity theft event” occurs, the “insured” will also:

a.     Submit to “us” the written proof of “loss” provided to the “insured” in a claims kit, and provide any other reasonable information or documentation that “we” may request;

b.     Take all reasonable steps to mitigate “loss” resulting from an “identity theft event” including, but not limited to, requesting a waiver of any applicable fees including loan application fees or credit bureau fees;

c.      File a report with the police or appropriate law enforcement authority;

d.     Provide all assistance and cooperation that “we” may require in the investigation and determination of any “identity theft event”, including but not limited to:

(1)   Immediately forwarding to “us” any notices, summons or legal papers received by the “insured” in connection with an “identity theft event” or the theft of “personal information”;

(2)   Authorizing “us” to obtain records and other information with regard to any “identity theft event”. This includes permitting “us” to inspect the “insured’s” books and records including, but not limited to, obtaining any mental health records as required;

(3)   Cooperating with and helping “us” to enforce any legal rights that the “insured” and “we” may have against anyone who may be liable to the “insured”;

(4)   Attending depositions, hearings and trials, securing and giving evidence, and obtaining the attendance of witnesses with regard to an “identity theft event”;

(5)   Answering “our” questions under oath at such times as may be reasonably required about any matter relating to this “policy” or the insured’s “loss”. In such event, the “insured’s” answers under oath will be signed.

SECTION VI – CONDITIONS

1.     Assignment

This “policy” and all rights provided by this insurance are not assignable without “our” written consent.

2.     Bankruptcy

The bankruptcy or insolvency of the “insured” or the “insured’s” estate will not relieve “us” of any obligation under this “policy”.

3.     Changes

Changes to the provisions of this “policy” will be made only by endorsement “we” issue and made a part of this “policy”.

4.     Concealment, Misrepresentation or Fraud

This “policy” will be cancelled if the “policyholder” intentionally conceals or misrepresents a material fact concerning this “policy”. In addition, coverage under this “policy” will also be cancelled for any one “insured” if that “insured” intentionally conceals or misrepresents a material fact concerning:

a.     An “identity theft event”;

b.     The “insured’s” interest in any property involved in a “loss”; or

c.      A “loss” under this “policy”.

Cancellation will be handled in accordance with SECTION IX.

5.     Conformance to Statute

To the extent a term of this “policy” conflicts with a statute of the State within which this “policy” is issued, the term will be deemed amended so as to conform to the statute.

6.     Coverage Territory

Subject to its terms, conditions and exclusions, this “policy” applies to an “identity theft event” occurring anywhere in the world, but “we” will only pay for “loss” incurred in the United States, its Territories and Possessions, and Puerto Rico.

7.     Duplicate Coverages

Should the “insured” be enrolled in more than one (1) identity theft program insured by “us” or any of “our” affiliates, “we” will reimburse the “insured” under each program. This payment is subject to the applicable deductibles and limits of insurance of the “insured” under the applicable program. In no event will the total amount reimbursed to the “insured” under all programs combined exceed the actual amount of “loss”.

8.     Legal Action Against “Us”

No legal action may be brought or made against “us” under this “policy” unless:

a.     There has been full compliance with all of the terms of this “policy”; and

b.     The action is brought within three (3) years after the date on which an “identity theft event” occurred.

9.     Litigation

The “policyholder” will promptly advise “us” of the material facts of:

a.     Any pending or threatened investigation with respect to the “policy” by a governmental agency or authority;

b.     Any complaint filed against the parties with respect to the “policy” by any governmental agency or authority;

c.      Any pending or threatened litigation against the “policyholder” or “us” with respect to the “policy”.

The “policyholder” will also promptly advise “us” of:

a.     the material facts of any pending or threatened litigation; or

b.     the existence of any criminal indictment or conviction against the “policyholder” or its senior management,

which could adversely affect the “policy” or either the “policyholder’s” or “our” ability to perform the obligations under this “policy”.

10.  Other Insurance

a.     This “policy” is excess over any other insurance (including, without limitation, homeowner’s or renters insurance), product liability, extended services agreement or contract. If the “insured” has other insurance that applies to a “loss” under this “policy”, the other insurance will pay first. This “policy” applies to the amount of “loss” that is in excess of:

(1)   The limit of Insurance of the “insured’s” other insurance;

(2)   The total of all the “insured’s” deductibles and self-insured amounts under all such other insurance.

b.     In all events, “we” will not pay more than the Aggregate Limit of Liability specified in item 2 of the Declarations.

11.  Proprietary Rights

Except as provided herein, this “policy” does not confer upon either party any interest in or right to  use any trademark, service mark or other intellectual property right of the other party hereto or its affiliates (collectively referred to as such party’s “Intellectual Property Rights”) in connection with the “policy” or for any other purpose unless a party receives the prior written consent of the other party hereto, which consent may be granted or withheld in a party’s sole discretion. Upon termination of  this “policy”, each party will immediately cease and discontinue all use of the other party’s Intellectual Property Rights. In no event may any party or any affiliated person or entity utilize any other party’s Intellectual Property Rights in connection with any products or services other than the “policy”.

12.  Recoveries

Any recoveries, less the cost of obtaining them, made after settlement of “loss” covered by this “policy” will be distributed as follows:

a.     First, to the “insured”, until the “insured” is reimbursed for any “loss” that was sustained by the “insured” that exceeds the Limit of Insurance and the deductible amount, if any;

b.     Then to “us”, until “we” are reimbursed for the settlement made; and

c.      Then to the “insured” until the “insured” is reimbursed for that part of the “loss” equal to the deductible amount, if any.

Recoveries do not include any recovery from insurance, suretyship, reinsurance, security or indemnity taken for “our” benefit.

13.  Titles of Paragraphs

Titles of paragraphs are inserted solely for convenience of reference and will not be deemed to limit, expand or otherwise affect the provisions to which they relate.

14.  Transfers of Rights of Recovery Against Others to “Us”

If any person for whom “we” make a payment under this “policy” has rights to recover from another, those rights are transferred to “us” to the extent of “our” payment. That person will do everything necessary to secure “our” rights and will do nothing after an “identity theft event” to impair them.

SECTION VII – LIMITS OF INSURANCE

1.     Subject to 2, below, the maximum “we” will pay per “insured” for each “loss” will not exceed the applicable Limit of Insurance shown in the Declarations.

2.     The Aggregate Limit of Liability specified in item 2 of the Declarations is the most “we” will pay for all “loss”, resulting from all “identity theft events” combined first occurring during the “policy period”.

3.     All “loss” arising out of the same, continuous, related or repeated “identity theft event” will be subject to the terms, conditions, exclusions and Limits of Insurance in effect at the time the first such “identity theft event” occurs and will be deemed to arise out of one occurrence and will be treated as one (1) “loss”.

4.     ALL LEGAL COSTS ARE PART OF, AND NOT IN ADDITION TO, THE AGGREGATE LIMITS OF INSURANCE FOR EACH “INSURED”.

SECTION VIII – DEFINITIONS

1.     “Actual lost income” means actual lost wages that would have been earned for time reasonably and necessarily taken off work and away from the “insured’s” work premises, whether partial or whole days, solely as a result of the “insured’s” efforts to amend or rectify records as to the “insured’s” true name or identity as a result of an “identity theft event”. Actual lost wages includes remuneration for vacation days, discretionary days, floating holidays, and paid personal days and excludes “business” interruption or future earnings of a “self-employed person”. Computation of lost wages for “self- employed persons” must be supported by, and will be based on, prior year tax returns.

2.     “Business” means any employment, trade, profession or occupation.

3.     “Computer attack” means receipt or transmission of malicious code, “unauthorized access” or “unauthorized use”, whether intentional or unintentional, hostile or otherwise and regardless of whether the perpetrator is motivated for profit, which results in copying, misappropriation or transmission of “personal information” pertaining to an “insured”.

4.     “Computer system” means computer hardware, software, firmware, including electronic data stored thereon, which are linked together through a network of two (2) or more computers, including such networks accessible through the Internet. “Computer system” will also include network infrastructure, input, output, processing, storage and off-line media libraries, as well as those written policies and procedures applicable to the security of a computer network.

5.     “Dependents” means unmarried children from the moment of birth, including natural children, stepchildren and adopted children, who are primarily dependent upon an “insured” for maintenance and support, and who are under age 19 or under age 26 if enrolled as a full-time student, or unmarried children regardless of age who are incapable of self-support because of a mental or physical disability.

6.     “Domestic Partner” means the mentally-competent partner of an “insured”, either of the same or the opposite sex who is at least 18 years of age and has met all of the following requirements for at least six (6) months:

a.     Resides with the “insured”; and

b.     Shares financial assets and obligations with the "insured".

“We” may require proof of the “domestic partner” relationship in the form of a signed and completed affidavit of domestic partnership.

7.       “Identity theft event” means the fraudulent use of the “insured’s” “personal information”. “Identity theft event” includes “medical identity theft”. “Medical identity theft” means the theft of the “insured´s” personal or health insurance information to obtain medical treatment, pharmaceutical services or medical insurance coverage or to submit false claims for medical services or goods. An “identity theft event” does not include the theft or “unauthorized use” or illegal use of the “insured’s” “business” name, d/b/a or any other method of identifying the “insured’s” “business” activity. All “loss” resulting from an “identity theft event(s)” and arising from the same, continuous, related or repeated acts will be treated as arising out of a single “identity theft event” occurring at the time of the first such “identity theft event”.

8.       “Insured” means each natural person on record with “us” as enrolled in a “membership program” of the “policyholder” at the time of an “identity theft event”. Depending on the type of “membership program” selected, “insured” may include a “spouse”, “domestic partner” or “dependents”.

9.       “Loss” means the economic damages outlined in SECTION II - COVERAGES of this “policy” resulting from an “identity theft event” that occurred during the “policy period”.

10.     “Membership program” means each program sponsored by the “policyholder” and specifically listed by endorsement as a covered program under this “policy”.

11.     “Personal Information” means:

a.     Non-public information from which an individual may be uniquely and reliably identified or contacted;

b.     Information concerning an individual that would be considered “nonpublic personal information” within the meaning of Title V of the Gramm-Leach-Bliley Act (Public Law 106- 102, 113 Stat. 1338); or

c.     Information concerning an individual that would be considered “protected health information” within the Health Insurance Portability and Accountability Act of 1996 (as amended) and its implementing regulations.

“Personal information” includes, without limitation, an individual’s social security number, account numbers, account balances, account histories and passwords.

12.    “Policy” means this group “policy” and any endorsement attached hereto, together with the application and any attachments thereto.

13.    “Policy period” means the period commencing on the effective date specified in the Declarations. This period ends on the expiration date specified in the Declarations or, in the event of cancellation or nonrenewal of this “policy”, then the date specified in such cancellation or non-renewal notice.

14.    “Policyholder” means the entity named as such in the Declarations to which this “policy” is issued.

15.    “Self-employed person” means a person who owns or operates his or her own “business” and whose primary income is earned from such “business”.

16.    “Spouse” means two legally wed individuals including “domestic partner” as defined in this “policy”.

17.    “Suit” means a civil proceeding seeking money damages that is commenced by the service of a complaint or similar pleading.

18.     “Unauthorized access” means the gaining of access to a “computer system” by an unauthorized person(s) or by an authorized person(s) in an unauthorized manner.

19.     “Unauthorized use” means the use of a “computer system” by an unauthorized person(s) or by an authorized person(s) in an unauthorized manner.

SECTION IX – CANCELLATION, TERMINATION AND NON-RENEWAL

1.     This “policy” will terminate on the expiration date specified in the “policy period” shown in the Declarations page. Notwithstanding, in the event of cancellation or non-renewal of this “policy”, the “policy” terminates on the date specified in such notice of cancellation or nonrenewal. There is no coverage for any “identity theft event” occurring after the effective date and time of such expiration, cancellation or non-renewal. Termination of this “policy” will not reduce or eliminate the period within which the “insured” must report to “us” an “identity theft event”.

2.     If “we” cancel or non-renew this “policy”, such notice of cancellation or non-renewal shall be sent by a first-class tracking method to the “policyholder” at the mailing address shown in the Declarations.  The notice will include the effective date of such cancellation or non-renewal and the reason for the cancellation or non-renewal. Proof of mailing shall be sufficient proof of notice.

3.     Cancellation:

a.     During the first forty-five (45) days that the “policy” is in effect, “we” may cancel this “policy” if the risk does not meet “our” underwriting standards by mailing to the “policyholder” written notice at least:

(1)   Fifteen (15) days before the effective date of cancellation if “we” cancel for nonpayment of premium; or

(2)   Thirty (30) days before the effective date of cancellation if “we” cancel because the risk does not meet “our” underwriting standards.

b.     After the “policy” has been in effect for more than forty-five (45) days, “we” may cancel the policy for the following reasons only:

(1)   Nonpayment of premium;

(2)   If there has been a material misrepresentation of fact which if known to “us” would have caused “us” to not issue the “policy”; or

(3)   If the risk has changed substantially since the “policy” was issued.

4.     Non-Renewal:

“We” may elect to non-renew this “policy”. “We” may do so by mailing to the “policyholder” notice of non-renewal at least forty-five (45) days before the expiration of the insurance.

At our sole and absolute discretion, “we” may extend this “policy” on the same terms and rates beyond the expiration date set forth in the Declarations for such period as is necessary for “us” to comply with this paragraph.

The “policy period” will end on the date specified in the cancellation or non-renewal notice.

5.     The “policyholder” may cancel this “policy” by mailing or delivering to “us” advance written notice of cancellation setting forth the date and time thereafter during the “policy period” on which the cancellation will be effective. In such case, the “policyholder” will return the “policy” or a properly executed Lost Policy Release by mail or delivery to “us” within seven (7) days of the effective date of cancellation.

6.     If “we” or “you” cancel this “policy”, “we” will send the “you” any premium refund due and the refund will be pro rata. The premium refund will be tendered by “us” within ten (10) days of the effective date of cancellation regardless of who initiates the cancellation.

SECTION X – CANCELLATION OF MEMBERSHIP

After the cancellation, termination or expiration of the “insured’s” individual membership in the “membership program”, any coverage under this “policy” for that “insured” is terminated. There is no coverage for that “insured” for any “identity theft event” occurring after the effective date and time of such termination.

MASSACHUSETTS AMENDATORY ENDORSEMENT

This Endorsement is attached to and made part of the Policy as of the Policy Effective Date. It is subject to all the provisions, limitations, and exclusions of the Policy except as this Rider specifically modifies them.

The “policy” is amended as follows:

1. In SECTION VIII – DEFINITIONS, the following changes are made:

Item 12, the following sentence is added: The policy applied for is not subject to all insurance laws that apply to other commercial lines products and may contain significant differences from a policy that is subject to all insurance laws. Please read above full policy conditions and endorsements. Please read above references to claims-made versus occurrence triggers, perils, exclusions, location or territory limitations, and defense within limits or outside of limits.

There are no other changes to the “policy”.

I hereby acknowledge that I have read the above disclosure notice and have received a copy of the same.

Signed for the Policyholder

Angelo P. Gentile

Executive VP Finance & Operations

4 February 2022