Skip to Main Content
Find an Agent
Contact Us
Search
Search

American Family Insurance California Privacy Notice

Effective Date: January 3, 2023

 

This California Privacy Notice supplements the American Family Insurance General Privacy Notice and applies solely to individuals who reside in California (“consumers”). We have adopted this policy to comply with the California Privacy Rights Act (“CPRA”), previously known as the California Consumer Privacy Act of 2018 ("2018").

Information We Collect

CPRA defines personal information as “information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.” Personal information does not include de-identified or aggregate consumer information. We will implement technical safeguards to prohibit re-identification of de-identified information about you.

We have collected some or all the below categories of personal information from consumers within the last twelve (12) months.

Please note that the examples are not an exhaustive list and personal information collected may fall into multiple categories. Categories and specific pieces of information collected will vary depending on the nature of your relationship with us.

 

Categories of Personal Information

Definition/Examples

Personal Identifiers

Name, DOB, SSN, telephone, address, driver’s license number, passport number, electronic signature, account credentials, passwords, and email address

Demographics

Age, race, ethnicity, religion, gender identification, disability status, citizenship, family relationships, veteran or military status

Professional or Employment Information

Employment contract, salary, disciplinary action, employment history, performance reviews, professional designations, resumes and job applications

Education Information

School records, school(s) attended, dates attended, degree(s) earned, academic achievements

Financial Information

Credit history, bank account numbers, investment or brokerage account numbers, information regarding estate or tax planning, debts, trusts, credit or debit card numbers

Medical and Wellness Information

Medical history, medical questionnaires, information regarding physical, mental and behavioral health, genetic information, information regarding payment for health care services

Biometric Information

Fingerprints, facial recognition scans, eye scans, voice recognition, typing cadence, ongoing monitoring of sleep, health patterns and exercise

Internet or Network Activity

Browser history, search history, IP Address, mobile device identifier, cookies, interaction with website, app and advertisements

Geolocation Data

Point in time location information, GPS coordinates and location-tracking information

Audiovisual Information

On-site security cameras, pictures, video and audio recordings

Profile Data / Inferences

Profiles reflecting a person’s preferences, such as interests, hobbies, characteristic tendencies, behaviors, attitudes or aptitudes, including inferences drawn from personal information

Commercial Information

Records of personal property, products or services purchased, obtained or considered or other purchasing or consuming histories or tendencies

American Family Product Information

Policy and billing account numbers, policy benefits and values, beneficiary, ownership arrangements, transaction history

Sensitive Personal Information

SSN, driver’s license number, state identification card or passport number; account login, financial account debit or credit card number in combination with any required security or access code; precise geolocation; race or ethnic origin; genetic data


We reserve the right to create or allow others to create aggregate consumer information data sets by ensuring that individual consumer identities have been removed and are not linked or reasonably linkable to any consumer or household, including via a device. The CPRA does not require that we re-identify such information in response to a consumer request.

We collect personal information about consumers from the following sources:

  • Insurance applications and related forms
  • Transactions with us, our affiliates or others
  • Consumer reporting agencies
  • Transactions with non-affiliated third parties
  • From a text or SMS message that you send to us in order to obtain more information about a product or service

How We Retain Your Personal Information

We retain personal information for the periods required by applicable laws and/or as specified in our records retention policies and procedures and our Privacy Notice. The period chosen takes account of applicable legal requirements to retain data and specific business use cases. We maintain records management and retention policies and procedures so that, where required, personal information is disposed of after a reasonable time in consideration of the following retention criteria:

  • We retain your personal information for as long as needed to carry out the business purposes set forth in this Privacy Notice, or to support our business functions and operations.
  • We retain your personal information as long as we have an ongoing relationship with you or for as long as needed to provide products or services to you.
  • We retain your personal information for as long as needed to comply with our legal and contractual obligations or as necessary to defend our rights.

How We Use Personal Information

We may use or disclose the personal information we collect for one or more of the following business or commercial purposes:

  • Insurance policy sales and administration
  • Marketing and advertising
  • Claims and investigations
  • Research and analytics
  • Fulfilling legal and regulatory obligations

How We Share Personal Information

We do not sell the personal information we obtain.

Your personal information may be disclosed to our affiliates or an external third party for a business purpose. When we disclose personal information to an external third party for a business purpose, we enter a contract with the recipient that describes the purpose for sharing the information and requires the recipient to protect that information. Our affiliates are only permitted to use personal information we disclose to them for authorized business purposes and they are required to protect the information in accordance with approved data security plans.

We may share your personal information with the following categories of third parties including:

  • Other insurance institutions, financial institutions or insurance support organizations;
  • Authorized agents or brokers;
  • Service providers;
  • Marketing and advertising partners;*
  • Law enforcement, regulators and other parties for legal reasons; and
  • Our affiliates.

We may have disclosed personal information to a third party for a business purpose in the last twelve (12) months.

* Personal Information collected through the short code/SMS program will not be shared, sold or leased to unaffiliated or affiliated third parties for their own marketing purposes. 

Your Rights and How to Exercise Them

The CPRA grants consumers (California residents) rights regarding the personal information that a business has collected about the consumer in the twelve (12) months prior to the consumer’s request.

Access Request Rights

You have the right to request that we disclose certain information to you about our collection and use of your personal information. Once we receive your request and confirm your identity (see Exercising Your Rights), we will disclose to you:

  • The categories of personal information we collected about you;
  • The categories of sources from which the personal information was collected;
  • The business or commercial purpose for collecting or disclosing personal information;
  • The categories of third parties with whom we share personal information; and
  • The specific pieces of personal information we collected about you.

Deletion Request Rights

Subject to certain exceptions, you have the right to request that we delete any of the personal information that we collected from you and have retained. Unless an exception applies, once we receive your request and confirm your identity (see Exercising Your Rights), we will delete your personal information from our records and direct our service providers to delete your personal information from their records.

We may deny your deletion request if we did not collect the information directly from you or we or our service providers need the information:

  • To complete a transaction or service that you requested;
  • For security purposes;
  • To identify and repair system errors;
  • For internal business purposes; or
  • To comply with a laws or legal obligation.

Correction Request Rights

You have the right to request we correct inaccurate personal information. Once we receive your request and confirm your identity (see Exercising Your Rights), we will ensure your information is corrected and accurate. 

Opt Out of Sharing Rights

You have the right to opt-out of sharing for cross context behavioral advertising. Once we receive your request and confirm you identify (see Exercising Your Rights), we will opt you out of this advertising practice. 

Exercising Your Rights

To exercise your rights, please submit a request to us by either:

  • Completing the request form found HERE; or
  • Calling us toll-free at (844) 904-1030.

Only you, or an authorized agent appointed to act on your behalf, may make a request related to your personal information. You may also make a request on behalf of your minor child. If you are submitting a request on behalf of someone else, you will need to provide proof that you have been authorized by the consumer to make the request for them. To do so, please complete the form found HERE and email or mail it back to the contact information indicated below (see Contact Information).

You may only make an access request twice within a 12-month period.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. In order to verify your identity, we need information that allows us to reasonably verify that you are the person about whom we collected personal information. Information we request may include:

  • First, middle, and last name
  • Date of birth
  • Phone number
  • Address
  • Last four digits if your social security number
  • Policy or claim number

We will match these data points with information we have about you to confirm your identity. We will only use the personal information provided to us in a request in order to verify the requestor's identity or authority to make the 

Response Timing

We will confirm that we received your request within ten (10) days of receiving the request. We will respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to an additional 45 days) to respond to your request, we will inform you of the reason and the extension period in writing by mail or electronically based on your stated preference.

Non-Discrimination

If you choose to exercise your CPRA rights, we will not discriminate against you by:

  • Denying you goods or services;
  • Charging you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties;
  • Providing you a different level or quality of goods or services; or
  • Suggesting that you may receive a different price or rate for goods or services or a different level or quality of service.

Changes to Our Privacy Notice

We reserve the right at our discretion to amend this privacy notice at any time. When we make changes to this privacy notice, we will post the updated notice on our website (amfam.com) and update the notice's effective date. Your continued use of our website following the posting of changes constitutes your acceptance of such changes.

Contact Information

If you have any questions or comments about this notice, the ways in which we collect and use your information, your choices and rights regarding such use, or wish to exercise your rights under California law, please contact us at:

Phone: (844) 904-1030

Email: PrivacyInfo@AmFam.com

Postal Address:

American Family Insurance
Attn: Corporate Compliance
6000 American Parkway
 Madison, WI, 53783