Allstate online privacy statement

Allstate collects personal and other information about you. Personal information is information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked (directly or indirectly) with you. Other, non-personal information does not and cannot reveal an individual’s identity such as information that has been de-identified or aggregated. The information we collect varies based on what products and services you have with us.

We collect personal information about you in several ways from several sources. We collect personal information directly from you including when you sign up for services, buy a product, subscribe to a membership or mailing list, set up an account with us, enroll in a mobile app feature such as Allstate Digital Footprint℠ or Drivewise^® or during the quoting, registering, application, claims handling or roadside assistance processes. We and service providers working on our behalf collect personal information from you such as IP address, browsing history and other internet activity information when you use one of our websites, mobile apps, view our emails or otherwise engage with us through a computer or mobile device (“Sites”). We also collect personal information about you from third parties such as consumer reporting agencies, state agencies, such as departments of motor vehicles, service providers, marketing companies and data providers as well as individuals such as your spouse or your parent.

We collect the following categories of personal information:

Sensitive Personal Information: Some personal information we collect is defined under the law as sensitive personal information. Sensitive personal information we collect includes Social Security number, driver’s license number, state identification card number, passport number, customer account log-in, financial account number, debit card number, credit card number in combination with any required security or access code, password, or credentials allowing access to an account, precise geolocation information, racial or ethnic origin, religious beliefs, union membership, genetic data, biometric information used for identification, personal health information and sexual orientation.

We do not sell your personal information. We also do not share personal information for cross-context behavioral advertising as defined under California law. We may share your personal information with our affiliates for business purposes consistent with the uses described in this Privacy Statement. We may also share personal information about you with third parties whenever you consent to or direct such sharing. We strive to work with companies that share our commitment to privacy. We may also share information with others in an aggregated or de-identified form that does not reasonably identify you.

We may also share any of the categories of personal information described above with service providers and other third parties for business purposes or as required or permitted by law including with:

Companies involved in insurance and other business transactions: We share your personal information with other companies that play a role in an insurance transaction with you such as independent claims adjusters, repair shops, and other claims related companies. We may also share your personal information to participate in insurance support organizations.

Authorized agents or brokers: Allstate operates through agents and brokers who sell our services and products on our behalf. We may share your personal information with those agents or brokers to provide you with the services you’ve requested. They may use your personal information in the manner described in this Privacy Statement.

Service providers: Personal information may be shared with service providers who perform services on our behalf for a business purpose including service providers that:

• help complete transactions, handle a claim, service your policy or service your membership,
• engage in credit reporting or payment processing,
• provide marketing and advertising, email or other communication services,
• provide services that support our online activities including providing tracking technologies, web hosting and analytics,
• provide tax and accounting, legal services, delivery, and data enhancement services,
• provide technology services and enhance security, privacy and fraud protections,
• provide data analytics services or conduct research or actuarial studies, and
• provide support to our operations.

Marketing and advertising partners: We may share personal and other information with third party online and other marketing and advertising partners or permit these partners to collect personal information from you directly on our Sites to personalize online advertising. We may share personal information with other financial institutions or other companies with whom we have a joint marketing agreement. The Cookies and Other Tracking Technologies section below has more details about these activities.

Third parties in connection with a business transaction: Personal information may be disclosed to third parties in connection with a corporate transaction, such as a merger, sale of any or all of our company assets or shares, reorganization, financing, change of control or acquisition of all or a portion of our business by an affiliate or third party, or in the event of a bankruptcy or similar proceedings.

Law enforcement, regulators and other parties for legal reasons: Personal information may be disclosed to third parties, as required by law or subpoena, or if we reasonably believe such action is necessary to:

• comply with the law and the reasonable requests of regulators, law enforcement or other public authorities,
• protect our or others safety, rights or property, and
• investigate fraud or to protect the security or integrity of our Sites or any product or services.

Technologies and information collected: When you visit our Sites, we and our service providers automatically collect information about your use of and access to these Sites. We collect this information through a variety of tracking technologies, including cookies, Flash objects, web beacons (also called pixel tags), embedded scripts, location-identifying technologies, and similar technology (collectively, “tracking technologies”). Information we collect automatically about you may be combined with other personal information we collect directly. The information collected in this manner includes:

• The website from where you accessed our Sites, where you went to when you left our Sites, how frequently you visit our Sites, your location when you access our Sites, when and whether you open emails or click the links contained in emails, pages you visit and ads you view on our Sites, recordings of mouse clicks, mouse movements, keystrokes, and other communications you make on our Sites,
• Information about the computer, tablet, smartphone or other device you use, such as your IP address, browser type, Internet service provider, platform type, device type/model/manufacturer, operating system, date and time stamp, a unique ID that allows us to uniquely identify your browser, mobile device or your account (including, e.g., a persistent device identifier or an Ad ID), and other similar information,
• Analytics information collected by us or via third party analytics tools, to help us measure traffic and usage trends for the Sites and to understand more about the demographics and behaviors of our users, and
• How often you use a mobile app, from where the app was downloaded, events that occur within the app, aggregated usage, and performance data.

Use of the information: The information collected through tracking technologies allows us to provide you with an improved, enhanced and personalized customer experience, to monitor and improve our Sites and for other internal purposes such as:

• Remembering information so that you will not have to re-enter it during your visit or the next time you visit our Sites,
• Provide custom, personalized content and information, including targeted content, communications and advertising,
• Identify and contact you across multiple devices,
• Provide and monitor the effectiveness of our Sites,
• Perform analytics and detect usage patterns on our Sites,
• Diagnose or fix technology problems,
• Detect or prevent fraud or other harmful activities, and
• Otherwise to plan for and enhance our Sites.

Our service providers include Adobe and Google. To learn about Adobe Analytics privacy practices or to opt-out of cookies set to facilitate reporting, visit Adobe Privacy Center. To learn more about Google’s privacy practices, visit Google Privacy Center. To access and use the Google Analytics Opt-out Browser Add-on, visit Google Opt-out.

Your choices regarding cookies: If you prefer not to accept cookies, most browsers will allow you to manage cookies in your browser settings to disable or block cookies, remove existing cookies, automatically accept cookies or to notify you when you receive a cookie. Options available may vary by browser. However, if you disable, modify, or reject cookies, some parts or functionalities of our Site may be inaccessible or not function properly. For example, disabling cookies may require you to repeatedly enter information to take advantage of services or promotions.

Targeted online advertising and do not track: We or our marketing and advertising service providers may use information about your activities on our Sites or other websites, to help tailor our advertisements or offers to what may interest you — also called interest-based advertising. The information is collected using the tracking technologies explained above. To limit interest-based advertising visit Interest-based Advertising Opt-out.

You may continue to see generic or non-targeted ads about our products and services if you opt-out of interest-based advertising. Although we do our best to honor the privacy preferences of our visitors, we are currently not able to respond to “Do Not Track” signals from your browser.

California, Virginia and Connecticut residents:
California residents have certain rights under California Consumer Privacy Act (CCPA) to access, correct and delete personal information, and other rights described below. Similar rights exist for Virginia and Connecticut residents for some of the personal information we collect. While these rights apply only to some of the personal information we collect, for transparency and for your convenience, you can submit a request no matter where you live.

Right to know and access your personal information: You have the right to request the specific pieces of personal information we have collected about you and the right to know:

• the categories of personal information we’ve collected,
• the categories of sources from which personal information was collected,
• the business or commercial purpose for collecting the personal information, and
• the categories of third parties with whom we disclose or share personal information.

Right to deletion of personal information: You have the right to request deletion of personal information collected from you, subject to certain exceptions including that we need the personal information to:

• Complete a transaction or provide a good or service you requested, service your account, or take actions reasonably anticipated within the context of our ongoing business relationship,
• Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities,
• Comply with a legal obligation, or
• Otherwise use your personal information, internally, in a lawful manner that is compatible with the context in which you provided the information.

Right to correct personal information: You have the right to request we correct any inaccurate information we have about you. We may request that you provide documentation to support your request and we will correct your information unless we determine that the personal information is more than likely accurate.

Non-discrimination rights: We don’t discriminate against you if you exercise any of the privacy rights described in this privacy statement.

Verified requests: To protect you and your personal information, we will only respond to access or deletion requests that we have been able to properly verify through our authentication processes. To verify your identity, you will be asked to provide several pieces of personal information, such as name and demographic information, which we only use to verify your identity or authority to make the request.

Submitting a request: To submit an access or deletion request, please visit Access/Delete webpage to submit an online request or call us at 1-800-624-4419. To submit a correction request, please visit Correction webpage to submit an online request or call us at 1-800-624-4419. Responses to a verified request may take up to 45 calendar days, or longer depending on the nature of the request. If additional time is needed, we will notify you of the additional time. We may only respond to two access requests within a 12-month period. Requests from authorized agents must be submitted via the same online portal or toll-free number but to protect your privacy, consumers will be required to verify their identity directly with us via our online portal or toll-free number.

Consumer request metrics:

View California Consumer Request Metrics.

Virginia and Connecticut resident right to appeal: If we are unable to fulfill your request to access, review, delete or correct your personal information, we will respond to you explaining why. If you would like to appeal for additional review of our inability to fulfill your request, please visit Appeals webpage.

Montana residents: Pursuant to Montana law, you may request a record of any disclosure of your medical information during the preceding three years. Please send requests to Allstate Insurance Company, Customer Privacy Inquiries, P.O. Box 660598, Dallas, TX 75266-0598.

Nevada residents: Pursuant to Nevada law, if you do not want to receive sales calls from Allstate you may request to be placed on our internal "do not call" list. To make this request, call 1-800-255-7828 or email us by going to Allstate.com and clicking on Explore Allstate > Contact Us. Please make sure to provide us with your name, address and all telephone numbers you wish to include on our list. For further information, you may also contact the Office of the Nevada Attorney General, Bureau of Consumer Protection at:

555 E. Washington Avenue, Suite 3900
Las Vegas, NV 89101
Phone: (702) 486-3132
Email: BCPINFO@ag.state.nv.us

Allstate's "do not call" list is limited only to telephone solicitation calls. We may still contact you about your Allstate policy, billing issues, claims and other service matters.

Vermont residents:
We won't share your personal information with Allstate companies for marketing purposes except as allowed by Vermont law.

Protecting your personal information is important to us. We use a combination of reasonable technical, administrative, and physical safeguards to protect your personal information. However, no website, mobile application, database or system is completely secure or "hacker proof.'' So, we cannot guarantee its absolute security. You are also responsible for taking reasonable steps to protect your personal information against unauthorized disclosure or misuse.

We limit access to your personal information to those who need it to do their jobs. We comply with all applicable federal and state data security laws.

If you should have questions or concerns about our privacy practices, please contact us at 1-800-624-4419.

This Privacy Statement describes the privacy practices of Allstate Insurance Company and the Allstate affiliates whose websites and mobile apps link to this Privacy Statement including: Allstate insurance companies offering auto, home and business insurance; Allstate Assurance Company and their life and retirement affiliates; Allstate Financial Services; and Allstate roadside services and motor club companies and Signature roadside services and motor club companies.

Personal information may be shared for marketing purposes among Allstate Insurance Company and the Allstate affiliates listed above as well as these other affiliated companies that have separate online privacy statements: American Heritage Life Insurance Company (Allstate Benefits), Allstate Dealer Services, National General Insurance Group and its affiliates, Castle Key Insurance Company and Castle Key Indemnity Company, North Light Specialty Insurance Company, SquareTrade (Allstate Protection Plans), InfoArmor (Allstate Identity Protection), Avail, and Arity companies.