Allstate online privacy statement

Allstate collects personal and other information about you. Personal information is information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked (directly or indirectly) with you. Other, non-personal information does not and cannot reveal an individual’s identity such as information that has been de-identified or aggregated. The information we collect varies based on what products and services you have with us.

We collect personal information about you in several ways from several sources. We collect personal information directly from you including when you sign up for services, buy a product, subscribe to a membership or mailing list, set up an account with us, enroll in a mobile app feature such as Allstate Digital Footprint℠ or Drivewise^® or during the quoting, registering, application, claims handling or roadside assistance processes. We and service providers working on our behalf collect personal information from you such as IP address, browsing history and other internet activity information when you use one of our websites, mobile apps, view our emails or otherwise engage with us through a computer or mobile device (“Sites”). We also collect personal information about you from third parties such as consumer reporting agencies, service providers, marketing companies and data providers.

We collect the following categories of personal information:

Sensitive Personal Information: Some personal information we collect is defined under the law as sensitive personal information. Sensitive personal information we collect includes Social Security number, driver’s license number, state identification card number, passport number, customer account log-in, financial account number, debit card number, credit card number in combination with any required security or access code, password, or credentials allowing access to an account, precise geolocation information, racial or ethnic origin, religious beliefs, union membership, genetic data, biometric information used for identification, personal health information and sexual orientation or sexual history.

We do not sell your personal information. We also do not share personal information for cross-context behavioral advertising as defined under California law. We may share your personal information with our affiliates for business purposes consistent with the uses described in this Privacy Statement. We may also share personal information about you with third parties whenever you consent to or direct such sharing. We strive to work with companies that share our commitment to privacy. We may also share information with others in an aggregated or de-identified form that does not reasonably identify you. We strive to work with companies that share our commitment to privacy.

We may also share any of the categories of personal information described above with service providers and other third parties for business purposes or as required or permitted by law including with:

Companies involved in insurance and other business transactions: We share your personal information with other companies that play a role in an insurance transaction with you such as independent claims adjusters, repair shops, and other claims related companies. We may also share your personal information to participate in insurance support organizations.

Authorized agents or brokers: Allstate operates through agents and brokers who sell our services and products on our behalf. We may share your personal information with those agents or brokers to provide you with the services you’ve requested. They may use your personal information in the manner described in this Privacy Statement.

Service providers: Personal information may be shared with service providers who perform services on our behalf for a business purpose including service providers that:

• help complete transactions, handle a claim, service your policy or service your membership,
• engage in credit reporting or payment processing,
• provide marketing and advertising, email or other communication services,
• provide services that support our online activities including providing tracking technologies, web hosting and analytics,
• provide tax and accounting, legal services, delivery, and data enhancement services,
• provide technology services and enhance security, privacy and fraud protections,
• provide data analytics services or conduct research or actuarial studies, and
• provide support to our operations.

Marketing and advertising partners: We may share personal and other information with third party online and other marketing and advertising partners or permit these partners to collect personal information from you directly on our Sites to personalize online advertising. We may share personal information with other financial institutions or other companies with whom we have a joint marketing agreement. The Cookies and Other Tracking Technologies section below has more details about these activities.

Third parties in connection with a business transaction: Personal information may be disclosed to third parties in connection with a corporate transaction, such as a merger, sale of any or all of our company assets or shares, reorganization, financing, change of control or acquisition of all or a portion of our business by an affiliate or third party, or in the event of a bankruptcy or similar proceedings.

Law enforcement, regulators and other parties for legal reasons: Personal information may be disclosed to third parties, as required by law or subpoena, or if we reasonably believe such action is necessary to:

• comply with the law and the reasonable requests of regulators, law enforcement or other public authorities,
• protect our or others safety, rights or property, and
• investigate fraud or to protect the security or integrity of our Sites or any product or services.

Technologies and information collected: When you visit our Sites, we and our service providers automatically collect information about your use of and access to these Sites. We collect this information through a variety of tracking technologies, including cookies, Flash objects, web beacons (also called pixel tags), embedded scripts, location-identifying technologies, and similar technology (collectively, “tracking technologies”). Information we collect automatically about you may be combined with other personal information we collect directly. The information collected in this manner includes:

• The website from where you accessed the Site, where you went to when you left the Site, how frequently you visit the Sites, when and whether you open emails or click the links contained in emails, pages you visit on our Sites, the links you click and ads you view, or your location when you access our Sites,
• Information about the computer, tablet, smartphone or other device you use, such as your IP address, browser type, Internet service provider, platform type, device type/model/manufacturer, operating system, date and time stamp, a unique ID that allows us to uniquely identify your browser, mobile device or your account (including, e.g., a persistent device identifier or an Ad ID), and other similar information,
• Analytics information collected by us or via third party analytics tools, to help us measure traffic and usage trends for the Sites and to understand more about the demographics and behaviors of our users, and
• How often you use a mobile app, from where the app was downloaded, events that occur within the app, aggregated usage, and performance data.

Use of the information: The information collected through tracking technologies allows us to provide you with an improved, enhanced and personalized customer experience, to monitor and improve our Sites and for other internal purposes such as:

• Remembering information so that you will not have to re-enter it during your visit or the next time you visit the Sites,
• Provide custom, personalized content and information, including targeted content, communications and advertising,
• Identify and contact you across multiple devices,
• Provide and monitor the effectiveness of our Sites,
• Perform analytics and detect usage patterns on our Sites,
• Diagnose or fix technology problems,
• Detect or prevent fraud or other harmful activities, and
• Otherwise to plan for and enhance our Sites.

Our service providers include Adobe and Google. To learn about Adobe Analytics privacy practices or to opt-out of cookies set to facilitate reporting, click here. To learn more about Google's privacy practices, click here. To access and use the Google Analytics Opt-out Browser Add-on, click here.

Your choices regarding cookies: If you prefer not to accept cookies, most browsers will allow you to manage cookies in your browser settings to disable or block cookies, remove existing cookies, automatically accept cookies or to notify you when you receive a cookie. Options available may vary by browser. However, if you disable, modify, or reject cookies, some parts or functionalities of our Site may be inaccessible or not function properly. For example, disabling cookies may require you to repeatedly enter information to take advantage of services or promotions.

Targeted online advertising and do not track: We or our marketing and advertising service providers may use information about your activities on our Sites or other websites, to help tailor our advertisements or offers to what may interest you — also called interest-based advertising. The information is collected using the tracking technologies explained above. To limit interest-based advertising click here.

You may continue to see generic or non-targeted ads about our products and services if you opt-out of interest-based advertising. Although we do our best to honor the privacy preferences of our visitors, we are currently not able to respond to “Do Not Track” signals from your browser.

California residents have certain rights under CCPA to access, correct and delete personal information, and other rights described below. Similar rights exist for Virginia residents for some of the personal information we collect. While these rights apply only to some of the personal information we collect, for transparency and for your convenience, you can submit a request no matter where you live.

Right to know and access your personal information: You have the right to request the specific pieces of personal information we have collected about you and the right to know:

• the categories of personal information we’ve collected,
• the categories of sources from which personal information was collected,
• the business purpose for collecting the personal information, and
• the categories of third parties with whom we disclose or share personal information.

Right to deletion of personal information: You have the right to request deletion of personal information collected from you, subject to certain exceptions including that we need the personal information to:

• Complete a transaction or provide a good or service you requested, service your account, or take actions reasonably anticipated within the context of our ongoing business relationship,
• Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities,
• Comply with a legal obligation, or
• Otherwise use your personal information, internally, in a lawful manner that is compatible with the context in which you provided the information.

Right to correct personal information: You have the right to request we correct any inaccurate information we have about you. We may request that you provide documentation to support your request and we will correct your information unless we determine that the personal information is more than likely accurate.

Non-discrimination rights: We don’t discriminate against you if you exercise any of the privacy rights described in this privacy statement.

Verified requests: To protect you and your personal information, we will only respond to access or deletion requests that we have been able to properly verify through our authentication processes. To verify your identity, you will be asked to provide several pieces of personal information, such as name and demographic information, which we only use to verify your identity or authority to make the request.

Submitting a request: To submit an access or deletion request, please click here to submit an online request or call us at 1-800-624-4419. To submit a correction request, please click here to submit an online request or call us at 1-800-624-4419. Responses to a verified request may take up to 45 calendar days, or longer depending on the nature of the request. If additional time is needed, we will notify you of the additional time. We may only respond to two access requests within a 12-month period. Requests from authorized agents must be submitted via the same online portal or toll-free number but to protect your privacy, consumers will be required to verify their identity directly with us via our online portal or toll-free number.

Consumer Request Metrics:

Click here to view California Consumer Request Metrics.

Virginia resident right to appeal:

If we are unable to fulfill your request to access, review, delete or correct your personal information, we will respond to you explaining why. If you would like to appeal for additional review of our inability to fulfill your request, please click here.

Insurance customer’s right to access, review and correct personal information:

Allstate insurance product customers can request to see or access their recorded personal information at any time. To do this, please email us at customerprivacy@allstate.com or send a letter to Allstate Insurance Company, Customer Privacy Inquiries, P.O. Box 660598, Dallas, TX 75266-0598 with your request. Proper identification may be required to fulfill the request. If you believe our information is incomplete or inaccurate, you can request that we correct it and we will make corrections if possible. Please note we may not be able to provide information relating to investigations, claims, litigation, and other matters. We will respond to all such requests within a reasonable time. We can’t change information provided to us by other companies like consumer reporting agencies. You will have to contact them directly.

You may also update, delete or modify your account profile information at any time by logging into your online account and making updates, or you may call us or contact your agent to correct the information.

Email Marketing Choices and Other Notifications: We may send you email marketing communications about products, features and services that may be of interest to you. To opt out from receiving marketing and promotional emails from us, please send us a request by email at customerprivacy@allstate.com or click the unsubscribe link located at the bottom of each communication. If you opt out from receiving marketing emails, we may still send you non-marketing emails such as emails about your products or services, responses to your requests and inquiries, or notices of updates to terms and conditions or our privacy practices.

If you use My Account you can also manage email and other notifications and marketing preferences via the Notifications in the Settings menu. In the Mobile App, you can also manage email, text and push notification preferences, and marketing preferences via the Notifications screen in the Profile & Settings section.

Personal Information Sharing Preferences: We would like to share your personal information with one or more Allstate affiliates in order to make you aware of different products, services and offers they can provide. However, you can request that Allstate not share your personal information with our affiliates for marketing products and services. For information about Allstate’s affiliates, see the Affiliates section at the end of this Privacy Statement.

To request that we not allow other Allstate affiliates use your personal information to market their products and services, please call us at 1-800-856-2518 twenty-four hours a day, seven days a week. Please keep in mind that it may take up to four weeks to process your request. If you previously contacted us and asked us not to allow other Allstate affiliates to use your personal information, your previous choice still applies, and you do not need to contact us again. If you would like to change your previous choice, please call the number above at any time.

Links to other company’s websites may be provided on the Allstate Sites as a convenience to you. If you choose to go to these external websites, you will be subject to the privacy practices of those external websites; Allstate is not responsible for the privacy practices of those websites. We encourage you to be aware when you leave our Site to read the privacy policies or statements of every website you visit, as those privacy policies or statements may differ from ours. Our Privacy Statement applies solely to the Sites where this Privacy Statement appears.

Our website includes Social Media features, such as the Facebook Like button and widgets, such as the Share This button or interactive mini-programs that run on our site. These features may collect your IP address, which page you are visiting on our website, and may set a cookie to enable the feature to function properly. Social Media features and widgets are either hosted by a third party or hosted directly on our Site. Your interactions with these features are governed by the privacy policy of the company providing it.

If you enroll in the Allstate Digital Footprint℠ feature through the mobile app, you provide Allstate access to your Microsoft and/or Google email accounts. We will only use the data accessed from your Microsoft and Google accounts to read, write, modify, or control email message bodies (including attachments), metadata, headers, and settings (“email data”) to:

• identify certain online accounts,
• notify you of known security breaches related to those accounts, and
• send data privacy requests, unsubscribe requests or deletion requests from your email account at your request.

We will not:

• transfer email data to others unless it is necessary to provide and improve features, comply with applicable law, or otherwise provide the services, use email data for serving advertisements, or
• allow a person to read your email data unless we have your affirmative agreement regarding specific messages, doing so is necessary for security purposes such as investigating abuse, to comply with applicable law, or for an Allstate product’s internal operations.

We may periodically update or revise this Privacy Statement. The effective date at the top of the document shows when this Privacy Statement was last revised. We will let you know when we update the Privacy Statement by changing the date or other appropriate means.