Effective: February 15, 2024
This Allstate Online Privacy Statement (“Privacy Statement”) describes the privacy practices of Allstate Insurance Company and the Allstate affiliated companies whose websites and mobile apps link to this Privacy Statement (“Allstate,” “we” “our” or “us”). This Privacy Statement explains the information we collect, why we collect it, how we use and share it, and the choices you can make regarding your information. More information about Allstate affiliates is in the Allstate Affiliates section at the end of this Privacy Statement.
Customers of Allstate’s insurance, investment and other financial products may also receive a privacy statement for those products in the initial policy package and annual policy documents. Those consumer privacy statements may contain additional information and rights relating to your customer relationship with us. Those privacy statements and this Allstate Online Privacy Statement explain our privacy practices and should be read together.
Information we collect and how we collect it
Allstate collects personal and other information about you. Personal information is information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked (directly or indirectly) with you. Other, non-personal information does not and cannot reveal an individual’s identity such as information that has been de-identified or aggregated. The information we collect varies based on what products and services you have with us.
We collect personal information about you in several ways from several sources. We collect personal information directly from you including when you sign up for services, buy a product, subscribe to a membership or mailing list, set up an account with us, enroll in a mobile app feature such as Allstate Digital Footprint℠ or Drivewise® or during the quoting, registering, application, claims handling or roadside assistance processes. We and service providers working on our behalf collect personal information from you such as IP address, browsing history and other internet activity information when you use one of our websites, mobile apps, view our emails or otherwise engage with us through a computer or mobile device (“Sites”). We also collect personal information about you from third parties such as consumer reporting agencies, state agencies, such as departments of motor vehicles, service providers, marketing companies and data providers as well as individuals such as your spouse or your parent.
We collect the following categories of personal information:
|Personal information categories
|Name, alias, signature, postal address, phone number, date of birth, unique personal identifier, online identifier, email address, internet protocol (IP) address, state identification card number, account name, Social Security number, driver's license number, passport number, or other similar identifiers.
|Age, race, ancestry, national origin, citizenship, religion, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information) and other descriptions of your physical characteristics (e.g., height).
|Service or product related information including policy coverage information, premiums, account name, policy number, payment history, claims history, records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies, account log-in, bank account number, credit or debit card number, other payment or financial information, health insurance information, driving record, credit information, medical history, or family member information. If you use the Allstate Digital Footprint℠feature, we will also access emails in your inbox.
|Biometrics and multimedia information
|Fingerprint, voice print, retinal print, scan of hand or facial geometry, audio, electronic, visual or similar information.
|Internet or other electronic network activity information
|Browsing history, search history, information regarding your interaction with our website, application or advertisement, links you use or web pages you visit while visiting our site or applications, browser type, internet service provider (ISP), cookies, and mobile device information including device identifier or other information.
|Physical location, movements, or trip tracking information.
|Professional or employment information
|Employment history, union membership, some contents of mail, e-mail and text messages on company devices, applications or communication platforms.
|Education records, grades or transcripts.
|Inferences drawn from any personal information collected to create a profile reflecting preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities and aptitudes.
Sensitive Personal Information: Some personal information we collect is defined under the law as sensitive personal information. Sensitive personal information we collect includes Social Security number, driver’s license number, state identification card number, passport number, customer account log-in, financial account number, debit card number, credit card number in combination with any required security or access code, password, or credentials allowing access to an account, precise geolocation information, racial or ethnic origin, religious beliefs, union membership, genetic data, biometric information used for identification, personal health information and sexual orientation.
Use of your personal information
We use your personal and other information for business purposes including to:
Provide and maintain your services and products. We may use your personal information to provide or maintain your service, products, or membership including to set up a product or service or provide a product or service, maintain your account, service your policy, change your policy, handle a claim, complete a transaction, repair a product or respond to customer service requests or other inquiries. We may also collect information about other parties from you to carry out necessary services and/or requests, including adding another driver to your existing policy. If you provide us personal information about others, or if others give us your personal information, we will only use the information for the specific reason for which it was provided to us. If you use the Allstate Digital Footprint℠ feature, we will access the emails in your inbox to identify companies in your Digital Footprint. Additional information about uses and restrictions is in the Allstate Digital Footprint℠ section below.
Improve, develop and analyze our Sites, services and products. We use your personal information and other information to:
- analyze, improve, develop or deliver our Sites, products and services and develop new services, products or features using algorithms, analytics software and other similar methods,
- conduct actuarial or research studies to maintain, protect and develop our networks, services, and products and protect our customers, and
- analyze how visitors use our Sites to improve the Sites and enhance and personalize your experience.
We collect some information used for these purposes using analytics software, cookies and other tracking technologies. For more information about the collection and use of this information, see Online Tracking Technologies and Advertising below.
Communicate with you about your service or product. We may communicate with you about your product, service, account, policy or membership, provide you transaction confirmations, payment alerts or other service or product related messages via mail, email or other available methods such as push notifications.
Provide marketing communications. We may use your personal information to send you promotional communications about products, services, features, and options we believe may interest you. We may send communications via e-mail, regular mail or may send push notifications via a mobile device. We may also use your information to serve you ads or customized content online.
Comply with legal requirements and protect the safety and security of our business, services, and Sites. We may use your personal information to comply with laws, regulations or other legal obligations, to assist in an investigation, to protect and defend our rights and property or the rights of third parties or enforce terms and conditions. We may also use your personal information to prevent suspected fraud, threats to our network or other illegal activities, prevent misuse or for any other reason permitted by law.
Update or correct our records. We may receive personal information about you from other sources, including publicly available databases or third parties from whom we have purchased data, and combine that personal information with other personal information we have about you to update our records. For example, we may obtain change of address information from public sources and use that personal information to update or correct your address.
Find locations on request. Your location may be obtained from the mobile device or the network using your device's Global Positioning System (GPS) functionality or directly from you. We may use your location information to search for information including searching for an agent, searching for a service provider, identifying the location of an accident or identifying the location of a roadside event you are reporting. If you do not want location information used, you can disable the GPS functionality on your mobile device.
We use sensitive personal information only as reasonably necessary to perform or maintain the services or provide goods you requested, to perform services on behalf of the business such as maintaining or servicing accounts, processing payments, to provide analytics services or similar services, to detect security incidents, resist malicious, deceptive, fraudulent, or illegal actions and to prosecute those responsible for those actions, to ensure customers and other peoples’ physical safety, for short-term use such as non-personalized advertising as part of our current interactions, to verify or maintain the quality or safety of service, improve, upgrade or enhance service, or other reasons that do not require an opt-out of this use.
We do not market any products or services to children under the age of thirteen or knowingly collect any information from children under the age of thirteen. We do not knowingly sell or share for cross-context behavioral advertising the personal information of consumers under the age of sixteen. Our website is not intended for children.
Sharing your information
We share personal information with other companies for various business purposes and strive to work with companies that share our commitment to privacy. We may share your personal information with our affiliates for business purposes consistent with the uses described in this Privacy Statement and we may also share personal information about you with third parties whenever you consent to or direct such sharing. We may share information with others in an aggregated or de-identified form that does not reasonably identify you. We do not sell your personal information except for the sharing of personal information for cross-context behavioral advertising as defined under California law as explained more below.
We may also share any of the categories of personal information described above with service providers and other third parties for business purposes or as required or permitted by law including with:
Companies involved in insurance and other business transactions: We share your personal information with other companies that play a role in an insurance transaction with you such as independent claims adjusters, repair shops, and other claims related companies. We may also share your personal information to participate in insurance support organizations.
Authorized agents or brokers: Allstate operates through agents and brokers who sell our services and products on our behalf. We may share your personal information with those agents or brokers to provide you with the services you’ve requested. They may use your personal information in the manner described in this Privacy Statement.
Service providers: Personal information may be shared with service providers who perform services on our behalf for a business purpose including service providers that:
- help complete transactions, handle a claim, service your policy or service your membership,
- engage in credit reporting or payment processing,
- provide marketing and advertising, email or other communication services,
- provide services that support our online activities including providing tracking technologies, web hosting and analytics,
- provide tax and accounting, legal services, delivery, and data enhancement services,
- provide technology services and enhance security, privacy and fraud protections,
- provide data analytics services or conduct research or actuarial studies, and
- provide support to our operations.
Marketing and advertising partners: We may share personal and other information with third party online and other marketing and advertising partners or permit these partners to collect personal information from you directly on our Sites to personalize online advertising. We may share personal information with other financial institutions or other companies with whom we have a joint marketing agreement. The Online tracking technologies and advertising section below has more details about these activities.
Third parties in connection with a business transaction: Personal information may be disclosed to third parties in connection with a corporate transaction, such as a merger, sale of any or all of our company assets or shares, reorganization, financing, change of control or acquisition of all or a portion of our business by an affiliate or third party, or in the event of a bankruptcy or similar proceedings.
Law enforcement, regulators and other parties for legal reasons: Personal information may be disclosed to third parties, as required by law or subpoena, or if we reasonably believe such action is necessary to:
- comply with the law and the reasonable requests of regulators, law enforcement or other public authorities,
- protect our or others safety, rights or property, and
- investigate fraud or to protect the security or integrity of our Sites or any product or services.
How long we keep your information
Online tracking technologies and advertising
Technologies and information collected: We, our service providers operating on our behalf and third parties, may collect information about your activity on, use of and access to our Sites using a variety of tracking technologies, including cookies, Flash objects, web beacons (also called pixel tags), embedded scripts, location-identifying technologies, and similar technology (collectively, “tracking technologies”). Information we may collect this way may be combined with other personal information we collect directly from you. The information collected in this manner includes:
- The website from where you accessed our Sites, where you went to when you left our Sites, how frequently you visit our Sites, your location when you access our Sites, when and whether you open emails or click the links contained in emails, pages you visit and ads you view on our Sites, recordings of mouse clicks, mouse movements, keystrokes, and other communications you make on our Sites,
- Information about the computer, tablet, smartphone or other device you use, such as your IP address, browser type, Internet service provider, platform type, device type/model/manufacturer, operating system, date and time stamp, a unique ID that allows us to uniquely identify your browser, mobile device or your account (including, e.g., a persistent device identifier or an Ad ID), and other similar information,
- Analytics information collected by us or via third party analytics tools, to help us measure traffic and usage trends for the Sites and to understand more about the demographics and behaviors of our users, and
- How often you use a mobile app, where the app was downloaded, events that occur within the app, aggregated usage, and performance data.
Use of the information: The information collected through tracking technologies allows us to provide you with an improved, enhanced and personalized customer experience, to monitor and improve our Sites and for other internal purposes such as:
- Remembering information so that you will not have to re-enter it during your visit or the next time you visit our Sites,
- Provide custom, personalized content and information, including targeted content, communications and advertising,
- Identify and contact you across multiple devices,
- Provide and monitor the effectiveness of our Sites,
- Perform analytics and detect usage patterns on our Sites,
- Diagnose or fix technology problems, and
- Detect or prevent fraud or other harmful activities.
Our service providers include Adobe and Google. To learn about Adobe Analytics privacy practices or to opt-out of cookies set to facilitate reporting, visit Adobe Privacy Center. To learn more about Google’s privacy practices, visit Google Privacy Center. To access and use the Google Analytics Opt-out Browser Add-on, visit Google Opt-out.
General choices regarding cookies: If you prefer not to accept cookies, most browsers will allow you to manage cookies in your browser settings to disable or block cookies, remove existing cookies, automatically accept cookies or to notify you when you receive a cookie. These settings are browser or device specific. Options available may vary by browser. If you disable, modify, or reject cookies, some parts or functionalities of our Site may be inaccessible or not function properly. For example, disabling cookies may require you to repeatedly enter information to take advantage of services or promotions. Also, if you clear your cookies on your browser or make selections using a different device or browser, you may need to redo your cookie settings.
Targeted Online Advertising and Opt-outs: We or our online marketing and advertising providers may use information about your activities on our Sites or other websites to help tailor our advertisements or offers to your interests. On some of our websites, we allow third-party advertising companies to collect information about your activity on our Sites through cookies or other tracking technologies and combine that information with information they collect on other unrelated sites, which the advertising companies may use to provide you with relevant, targeted advertising. This sort of online advertising is called cross-context behavioral advertising under the California Consumer Privacy Act (CCPA). We do not knowingly share personal information for cross-context behavioral advertising of users under the age of sixteen.
CCPA provides California residents the right to opt-out of the “sharing” of your information for cross-context behavioral advertising. You can opt-out of this sharing via the “Do Not Sell or Share My Personal Information” link in the footer of our website or by visiting our preference center and selecting “Opt out of targeted online advertising.” You may also opt-out by enabling a universal tool that automatically communicates your opt-out preferences through browser settings such as the Global Privacy Control (“GPC”). All website visitors, regardless of residency, can opt-out of this sharing.
You can also limit receiving certain targeted online advertising referred to as Interest-Based Advertising by visiting NAI Consumer Opt Out (networkadvertising.org).
Opt-out choices apply only to the specific browser from which you opted out. Also, clearing cookies or browsing history will erase your opt-out selection. You may continue to see generic or non-targeted ads about our products and services if you opt-out of sharing for cross-context behavioral advertising or interest-based advertising.
Privacy rights and choices
Various federal and state laws provide privacy rights to consumers including the right to know, access, delete, or correct personal information, the right to opt-out of sharing of personal information with affiliates for marketing or the right to opt-out of receiving email marketing. These rights differ by state and also by the type of products and services you have with Allstate. For example, the rights to know, access, delete or correct under the California Consumer Privacy Act (CCPA) do not apply to personal information that is subject to certain federal and state laws governing insurance or health information.
Email marketing choices and other notifications: We may send you email marketing communications about products, features and services that may be of interest to you. To opt out from receiving marketing and promotional emails from us, please send us a request by email at email@example.com or click the unsubscribe link located at the bottom of each communication. If you opt out from receiving marketing emails, we may still send you non-marketing emails such as emails about your products or services, responses to your requests and inquiries, or notices of updates to terms and conditions or our privacy practices.
If you use My Account you can also manage email and other notifications and marketing preferences via the Notifications in the Settings menu. In the Mobile App, you can also manage email, text and push notification preferences, and marketing preferences via the Notifications screen in the Profile & Settings section.
Insurance customers' rights and choices
Insurance customer's right to access, review and correct personal information: Allstate insurance product customers can request to see or access their recorded personal information at any time. To do this, please email us at firstname.lastname@example.org or send a letter to Allstate Insurance Company, Customer Privacy Inquiries, P.O. Box 660598, Dallas, TX 75266-0598 with your request. When sending your initial email or letter, include only your name, state of residence, and the nature of your request; do not send any additional personal information. Proper identification may be required to fulfill the request. If you believe our information is incomplete or inaccurate, you can request that we correct it and we will make corrections if possible. Please note we may not be able to provide information relating to investigations, claims, litigation, and other matters. We will respond to all such requests within a reasonable time. We can’t change information provided to us by other companies like consumer reporting agencies. You will have to contact them directly.
You may also update, delete or modify your account profile information at any time by logging into your online account and making updates, or you may call us or contact your agent to correct the information.
Personal information sharing preferences: We would like to share your personal information with one or more Allstate affiliates in order to make you aware of different products, services and offers they can provide. However, you can request that Allstate not share your personal information with our affiliates for marketing products and services. For information about Allstate’s affiliates, see the Affiliates section at the end of this Privacy Statement.
To request that we not allow other Allstate affiliates use your personal information to market their products and services, please call us at 1-800-856-2518 twenty-four hours a day, seven days a week. Please keep in mind that it may take up to four weeks to process your request. If you previously contacted us and asked us not to allow other Allstate affiliates to use your personal information, your previous choice still applies, and you do not need to contact us again. If you would like to change your previous choice, please call the number above at any time.
State specific privacy rights and choices
California, Virginia and Connecticut residents:
California law provides residents with rights to know, access, correct and delete certain personal information, and the right to opt out of cross-context behavioral advertising described above. Similar rights exist for Virginia and Connecticut residents for some of the personal information we collect. While these rights apply only to some of the personal information we collect, and rights may differ based on the products and services you have with us, for transparency and for your convenience, you can submit a request no matter where you live.
Right to know and access your personal information: You may request the specific pieces of personal information we have collected about you and to know:
- the categories of personal information we’ve collected,
- the categories of sources from which personal information was collected,
- the business or commercial purpose for collecting the personal information, and
- the categories of third parties with whom we disclose or share personal information.
Right to deletion of personal information: You may request deletion of personal information collected from you, subject to certain exceptions including that we need the personal information to:
- Complete a transaction or provide a good or service you requested, service your account, or take actions reasonably anticipated within the context of our ongoing business relationship,
- Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities,
- Comply with a legal obligation, or
- Otherwise use your personal information, internally, in a lawful manner that is compatible with the context in which you provided the information.
Right to correct personal information: You may request we correct any inaccurate information we have about you. We may request that you provide documentation to support your request and we will correct your information unless we determine that the personal information is more than likely accurate.
Non-discrimination rights: We don’t discriminate against you if you exercise any of the privacy rights described in this privacy statement.
Verified requests: To protect you and your personal information, we will only respond to access or deletion requests that we have been able to properly verify through our authentication processes. To verify your identity, you will be asked to provide several pieces of personal information, such as name and demographic information, which we only use to verify your identity or authority to make the request.
Submitting a request: To submit an access or deletion request, please visit Access/Delete webpage to submit an online request or call us at 1-800-624-4419. To submit a correction request, please visit Correction webpage to submit an online request or call us at 1-800-624-4419. Responses to a verified request may take up to 45 calendar days, or longer depending on the nature of the request. If additional time is needed, we will notify you of the additional time. We may only respond to two access requests within a 12-month period. Requests from authorized agents must be submitted via the same online portal or toll-free number but to protect your privacy, consumers will be required to verify their identity directly with us via our online portal or toll-free number.
Consumer request metrics:
Virginia and Connecticut resident right to appeal: If we are unable to fulfill your request to access, review, delete or correct your personal information, we will respond to you explaining why. If you would like to appeal our response to your request, please visit Appeals webpage.
Montana residents: Pursuant to Montana law, you may request a record of any disclosure of your medical information during the preceding three years. Please send requests to Allstate Insurance Company, Customer Privacy Inquiries, P.O. Box 660598, Dallas, TX 75266-0598.
Nevada residents: Pursuant to Nevada law, if you do not want to receive sales calls from Allstate you may request to be placed on our internal “do not call” list. To make this request, call 1-800-255-7828 or email us by going to Allstate.com and clicking on Explore Allstate > Contact Us. Please make sure to provide us with your name, address and all telephone numbers you wish to include on our list. For further information, you may also contact the Office of the Nevada Attorney General, Bureau of Consumer Protection at:
Allstate’s “do not call” list is limited only to telephone solicitation calls. We may still contact you about your Allstate policy, billing issues, claims and other service matters.
We won't share your personal information with Allstate companies for marketing purposes except as allowed by Vermont law.
Social media, links and external sites
Links to other company’s websites may be provided on the Allstate Sites as a convenience to you. If you choose to go to these external websites, you will be subject to the privacy practices of those external websites; Allstate is not responsible for the privacy practices of those websites. We encourage you to be aware when you leave our Site to read the privacy policies or statements of every website you visit, as those privacy policies or statements may differ from ours. Our Privacy Statement applies solely to the Sites where this Privacy Statement appears.
Protecting your personal information is important to us. We use a combination of reasonable technical, administrative, and physical safeguards to protect your personal information. However, no website, mobile application, database or system is completely secure or “hacker proof.” So, we cannot guarantee its absolute security. You are also responsible for taking reasonable steps to protect your personal information against unauthorized disclosure or misuse.
We limit access to your personal information to those who need it to do their jobs. We comply with all applicable federal and state data security laws.
Allstate digital footprint
If you enroll in the Allstate Digital Footprint℠ feature through the mobile app, you provide Allstate access to your Microsoft and/or Google email accounts. We will only use the data accessed from your Microsoft and Google accounts to read, write, modify, or control email message bodies (including attachments), metadata, headers, and settings (“email data”) to:
- identify certain online accounts,
- notify you of known security breaches related to those accounts, and
- send data privacy requests, unsubscribe requests or deletion requests from your email account at your request.
We will not:
- transfer email data to others unless it is necessary to provide and improve features, comply with applicable law, or otherwise provide the services, use email data for serving advertisements, or
- allow a person to read your email data unless we have your affirmative agreement regarding specific messages, doing so is necessary for security purposes such as investigating abuse, to comply with applicable law, or for an Allstate product’s internal operations.
Changes to our privacy statement
We may periodically update or revise this Privacy Statement. The effective date at the top of the document shows when this Privacy Statement was last revised. We will let you know when we update the Privacy Statement by changing the date or other appropriate means.
This Privacy Statement describes the privacy practices of Allstate Insurance Company and the Allstate affiliates whose websites and mobile apps link to this Privacy Statement including: Allstate insurance companies offering auto, home and business insurance; Allstate Assurance Company and their life and retirement affiliates; Allstate Financial Services; and Allstate roadside services and motor club companies and Signature roadside services and motor club companies.
Personal information may be shared for marketing purposes among Allstate Insurance Company and the Allstate affiliates listed above as well as these other affiliated companies that have separate online privacy statements: American Heritage Life Insurance Company (Allstate Benefits), Allstate Dealer Services, National General Insurance Group and its affiliates, Castle Key Insurance Company and Castle Key Indemnity Company, North Light Specialty Insurance Company, SquareTrade (Allstate Protection Plans), InfoArmor (Allstate Identity Protection), Avail, and Arity companies.