California Consumer Privacy Notice (job applicants, agents, agent team members, employees, business to business contacts)
We value your privacy.
This State Farm® California Consumer Privacy Notice describes how we collect, use and disclose the personal information of California consumers and the rights prescribed by the California Consumer Privacy Act (CCPA). Consumer, as defined by the CCPA includes current and former State Farm: employees, job applicants, agents and agent team members, contractors and persons we interact with in their capacity of representing another business (e.g. business to business contacts). This Notice applies to the personal information of these individuals collected or provided as a result of their employment or business relationship with State Farm.
Personal information protected by other laws such as the Health Insurance Portability and Accountability Act (HIPAA) and the Fair Credit Reporting Act (FCRA) is not regulated by the CCPA. Our privacy notices concerning personal information protected by laws such as HIPAA, can be found on our website.
In the event of a conflict between this Notice and other State Farm privacy notices or policies, this Notice will prevail as to California consumers’ rights under the CCPA.
The CCPA defines personal information as “information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.” Except where prohibited by law, we collect personal information such as, but not limited to:
Categories of Personal Information Collected and Disclosed | Categories of Third Parties to Whom Personal Information is Disclosed |
---|---|
1. Identifiers such as a real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, social security number, driver's license number or passport number. | We may disclose identifiers to third parties such as: other individuals, service providers, other vendors, credit reporting agencies, government agencies or other businesses. |
2. Personal Records such as physical characteristics or description, signature, telephone number, education, employment, employment history, insurance policy number, or any other financial information, medical information or health insurance information. | We may disclose personal records to third parties such as: other individuals, service providers, other vendors, credit reporting agencies, government agencies or other businesses. |
3. Classifications such as sex, marital status, familial status, race and gender. | We may disclose classifications to third parties such as: other individuals, service providers, other vendors, credit reporting agencies, government agencies or other businesses. |
4. Commercial Information such as personal property records, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. | We may disclose commercial information to third parties such as: other individuals, service providers, other vendors, credit reporting agencies, government agencies or other businesses. |
5. Biometric Information such as physiological, behavioral, and biological characteristics, that can be used to establish individual identity, including but not limited to fingerprints, voiceprints, retina scans from which an identifier template can be extracted, and other physical patterns, and sleep, health, or exercise data, that contain identifying information. | We may disclose biometric information to third parties such as: other individuals, service providers, other vendors, credit reporting agencies, government agencies or other businesses. |
6. Internet Usage Information such as browsing history, search history and information regarding your interaction with an Internet Web Site, application or advertisement. | We may disclose internet usage information to third parties such as: other individuals, service providers, other vendors, credit reporting agencies, government agencies or other businesses. |
7. Geolocation Data such as precise physical location or movements and travel patterns. | We may disclose geolocation data to third parties such as: other individuals, service providers, other vendors, credit reporting agencies, government agencies or other businesses. |
8. Sensory Data such as audio recordings of customer care calls, electronic, visual or similar information. | We may disclose sensory data to third parties such as: other individuals, service providers, other vendors, credit reporting agencies, government agencies or other businesses. |
9. Professional or Employment Information such as professional licenses or designations, employment history. | We may disclose professional or employment information to third parties such as: other individuals, service providers, other vendors, credit reporting agencies, government agencies or other businesses. |
10. Education Information such as education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, education level, transcripts, class lists, student schedules, student identification codes, student financial information or student disciplinary records. | We may disclose education information to third parties such as: other individuals, service providers, other vendors, credit reporting agencies, government agencies or other businesses. |
11. Inferences from Personal Information Collected such as creating a profile about a consumer reflecting the consumer's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities and aptitudes. | We may disclose inferences to third parties such as: other individuals, service providers, other vendors, credit reporting agencies, government agencies or other businesses. |
Personal information does not include public information lawfully made available from governmental records or de-identified or aggregate consumer information. We will implement technical safeguards to prohibit re-identification of de-identified information about you. We also reserve the right to create or allow others to create aggregate consumer information data sets by ensuring that individual consumer identities have been removed and are not linked or reasonably linkable to any consumer or household, including via a device. The CCPA does not require that such information be re-identified in response to a request made pursuant to the CCPA.
We retain personal information according to our retention schedules, which are established by our business needs, along with legal and regulatory requirements.
We use the personal information listed above for a variety of business-related purposes. The uses of personal information may depend on your exact relationship to State Farm. We may collect, use and disclose any of the personal information we collect to facilitate administrative functions, information technology operations, for legal and compliance reasons and corporate transactions. These functions include, but are not limited to the following:
- To manage and operate information technology and communications systems, risk management and insurance functions, budgeting, financial management and reporting, strategic planning
- To manage litigation, other legal disputes, inquiries and to meet legal and regulatory requirements
- In connection with a corporate transaction, sale, or assignment of assets, merger, divestiture, or other changes of control or financial status of the Company or any of its subsidiaries or affiliates
- To manage licenses, permits and authorizations applicable to the Company’s business operations
- To establish and maintain contact with you, emergency contacts you may designate, or beneficiaries
- To administer pay and benefits and to provide you with information related to your business relationship with State Farm
- To recruit and retain employees, State Farm agents, contractors and other business to business contacts
- For security purposes, for identity verification and to prevent fraud or loss of corporate assets
- To draft, negotiate contracts and/or agreements
- In conjunction with an investigation
- For analytics, statistics and reporting
- For advertising purposes
We restrict the use of personal information that is shared with our vendors for business purposes.
We generally do not use or disclose personal information related to employment or benefits for marketing purposes. However, it is possible that we may collect, use and disclose some personal information for commercial purposes
The CCPA requires us to state how we handle and process Global Privacy Control (“GPC”) signals, which is referred to in the CCPA as opt-out preference signal (“OOPS”). GPC/OOPS are signals sent by a platform, technology, or mechanism, enabled by individuals on their devices or browsers, that communicate the individual’s choice to opt-out of the Sale and Sharing of personal information. To use an OOPS/GPC, you can download an internet browser or a plugin to use on your current internet browser and follow the settings to enable the OOPS/GPC. As of January 1, 2023, the CCPA’s updated regulations, which are supposed to set forth requirements as to OOPS/GPC, have not yet been finalized. We will process OOPS/GPC as required when the regulations are finalized. In the meantime, to our knowledge, we have configured the settings of our consent management platform to receive and process GPC signals on our websites. Similar to when you configure cookies manually, GPC/OOPS will only apply to the browser and device you are currently using to visit our websites. It will not apply to a different browser or device. If you visit our webpages using a different browser or device, you will need to exercise your choice for each browser or device. In addition, your employer may prohibit the installation of such signals on your devices.
The California Consumer Privacy Act (CCPA) gives California residents the right to opt out of the “sale” or “sharing” of personal information.
We do not sell your personal information (PI) for monetary consideration. Third-Party digital businesses (“Third-Party Digital Businesses”) may associate cookies and other tracking technologies that collect personal information about you on our website, or otherwise collect and process personal information that we make available about you, including digital activity information. Giving access to personal information on our website, or otherwise, to Third-Party Digital Businesses could be deemed a “sale” and/or “sharing”. Therefore, we will treat such PI collected by Third-Party Digital Businesses (e.g., cookie ID, IP address, and other online IDs and internet or other electronic activity information) as such, and subject to the opt-out requests described above. In some instances, the PI we make available about you is collected directly by such Third-Party Digital Businesses using cookies or other tracking technologies on our website or our advertisements that are served on third-party sites (which we refer to as “cookie PI").
Please refer to the section “Sale or Sharing of Personal Information" in the CCPA Notice for more details.
Opt-out for cookie PI: You can exercise this right with respect to cookie PI by clicking on the “Do Not Sell or Share My Personal Information” link below, which will cause the cookie preferences pop-up menu to appear. You will need to click on each “toggle” within the cookie preferences pop-up menu and move it to the left, then click “save” in order to stop the collection of your personal information by the cookies and trackers. Your choice will only apply to the browser and device you are currently using to visit our websites. It will not apply to a different browser or device. If you visit our webpages using a different browser or device, you will need to exercise your choice for each browser or device. If you have a cookie blocker or similar tool enabled, it may prevent our cookie banner and the cookies preferences pop-up menu from appearing. Your preferences are saved via an essential cookie, so if you clear cookies from your browser, it will also clear the opt-out preferences that you have made.
If you do not wish to exercise your opt-out right with respect to all cookies, you can manage individual cookie preferences. However, you must follow the above instructions as to all cookie categories presented to you in order to opt out of the “sale” or “sharing” of your personal information. Please be aware that when you toggle off all cookies, the way our website functions may change. If at any point you want to update your cookie preferences, you may do so by clicking on the Do Not Sell or Share My Personal Information link which you can find on our cookie banner or at the bottom of each webpage.
DO NOT SELL OR SHARE MY PERSONAL INFORMATION (CA Residents Only)
In addition, third party tools enable you to search for and opt-out of some of these tracking devices, such as the Ghostery browser plug-in available at http://www.ghostery.com/. Further, we endeavor to comply with industry guidelines on behavioral advertising, and you can learn more about your choices regarding certain kinds of online interest-based advertising here. We do not represent that these third party tools, programs or statements are complete or accurate.
Current and former State Farm: employees, job applicants, agents, agent team members, contractors of State Farm and persons we interact with in their capacity of representing another business that are California residents have the privacy rights described in this section, subject to certain limitations. Personal information protected by other laws such as the Health Insurance Portability and Accountability Act (HIPAA), and the Fair Credit Reporting Act (FCRA) is exempted from the following CCPA rights. Personal information provided to us or collected by us in connection your employment or business relationship with State Farm may be protected by these laws and not subject to the following rights granted by the CCPA.
You may submit a request described below or submit one through an authorized agent (examples of an authorized agent may include a power of attorney, guardian, conservator or one registered with the California Secretary of State). Requests submitted to us are subject to review, identification and verification. We will acknowledge receipt of your request and provide information about processing the request and the verification process. We may ask you for information which allows us to confirm your identity in relation to information we currently have. In addition, we may require notarization of any forms submitted. We will reimburse you for reasonable fees incurred for the notarization of documents. We may also ask for documentation verifying that your designated agent is authorized to act on your behalf. We may not be able to fulfill your request if we are unable to verify you are the consumer that is the subject of the request, or that the agent is, in fact, authorized to act on your behalf.
We will make reasonable efforts to identify personal information that we collect, use and disclose to respond to your request. In some instances we may not be able to process a request because, for example, we may not be able to sufficiently verify your identity based on the information you provide to us in response to our verification process. In such instances, we will provide you with a written explanation as to the reason we cannot process your request.
In some cases, we may suggest that you receive the most recent or a summary of your personal information and give you the opportunity to elect whether to receive the rest of your personal information. We reserve the right to direct you to where you may access and copy responsive personal information.
The California Consumer Privacy Act contains several exemptions which may impact State Farm’s obligation to comply with any request made pursuant to CCPA. State Farm retains the right to apply any of the exemptions provided under CCPA to any request, at any time.
Instructions on making a request for personal information that is not protected by laws such as HIPAA and/or FCRA are contained in the Contact Us section.
You have the right to request the following, which will be provided for the period that is 12 months prior to the request date, unless otherwise specified (subject to some limitations):
- The specific pieces of personal information we have collected about you and are maintaining
- The categories of personal information we have collected about you
- The categories of sources from which we collected your personal information
- The business or commercial purposes for our collecting or selling your personal information
- The categories of third parties to whom we have shared your personal information
- A list of the categories of personal information disclosed for a business purpose in the prior 12 months, or a confirmation that no disclosure occurred
You may request we delete your personal information we collected directly from you and are maintaining. There may be instances where we are unable to delete personal information. The personal information may be:
- Necessary to complete a transaction or service you requested
- Needed for security purposes
- Needed to identify and repair system errors
- Needed for the exercise of free speech or exercise another right provided for by law
- Necessary for compliance with the California Electronic Communications Privacy Act
- Necessary for internal business purposes
- Needed to comply with laws or legal obligations
- Not something we collected directly from you
The CCPA gives California consumers the right to request a business to correct their inaccurate personal information, considering the nature of the personal information and the purposes for processing the personal information. We make commercially reasonable efforts to correct your personal information and may ask you for additional documentation to process your request.
The California Consumer Privacy Act (CCPA) gives California residents the right to opt out of the “sale” or “sharing” of personal information.
We do not sell your personal information (PI) for monetary consideration Third-Party digital businesses (“Third-Party Digital Businesses”) may associate cookies and other tracking technologies that collect personal information about you on our website, or otherwise collect and process personal information that we make available about you, including digital activity information. Giving access to personal information on our website, or otherwise, to Third-Party Digital Businesses could be deemed a “sale” and/or “sharing”. Therefore, we will treat such PI collected by Third-Party Digital Businesses (e.g., cookie ID, IP address, and other online IDs and internet or other electronic activity information) as such, and subject to the opt-out requests described above. In some instances, the PI we make available about you is collected directly by such Third-Party Digital Businesses using cookies or other tracking technologies on our website or our advertisements that are served on third-party sites (which we refer to as “cookie PI”).
Please refer to the section “Sale or Sharing of Personal Information" in the CCPA Notice for more details.
Opt-out for cookie PI: You can exercise this right with respect to cookie PI by clicking on the “Do Not Sell or Share My Personal Information” link below, which will cause the cookie preferences pop-up menu to appear. You will need to click on each “toggle” within the cookie preferences pop-up menu and move it to the left, then click “save” in order to stop the collection of your personal information by the cookies and trackers. Your choice will only apply to the browser and device you are currently using to visit our websites. It will not apply to a different browser or device. If you visit our webpages using a different browser or device, you will need to exercise your choice for each browser or device. If you have a cookie blocker or similar tool enabled, it may prevent our cookie banner and the cookies preferences pop-up menu from appearing. Your preferences are saved via an essential cookie, so if you clear cookies from your browser, it will also clear the opt-out preferences that you have made.
If you do not wish to exercise your opt-out right with respect to all cookies, you can manage individual cookie preferences. However, you must follow the above instructions as to all cookie categories presented to you in order to opt out of the “sale” or “sharing” of your personal information. Please be aware that when you toggle off all cookies, the way our website functions may change. If at any point you want to update your cookie preferences, you may do so by clicking on the Do Not Sell or Share My Personal Information link which you can find on our cookie banner or at the bottom of each webpage.
DO NOT SELL OR SHARE MY PERSONAL INFORMATION (CA Residents Only)
Please refer to the section entitled “Sale or Sharing of Personal Information” for more detail on your right to opt-out as well as other choices we offer relative to the use of cookies and tracking devices generally.
CCPA gives consumers the right not to be discriminated against or retaliated against because the consumer exercised any of the consumer’s rights under this title. State Farm does not unlawfully discriminate or retaliate against you for exercising your CCPA rights.
Under the CCPA, sensitive personal information may include such data as racial or ethnic orientation, religious beliefs, union membership, financial account information, geolocation, government issued ID numbers, sexual orientation, biometric or genetic data. State Farm only collect, uses, discloses or processes sensitive personal information within the scope of the CCPA and corresponding regulations. You should be aware that some of the information California defines as “sensitive” is also subject to other exemptions within the CCPA and would not be regulated by the CCPA.
If you are a current or former State Farm employee or job applicant, you may submit requests pursuant to the CCPA (such as Right to Know, Delete, Correction) in the following manner:
- Call us at 1-877-272-19991-877-272-1999
- Online:
- Via State Farm Forms if you have access to Company systems (you will need to be logged on at the time for access) OR
- Complete and return this form via U.S. Mail
If you are a current or former State Farm agent or agent team member you may submit requests pursuant to the California Consumer Privacy Act (Right to Know, Delete, Correction) in the following manner:
- Call us at 1-800-859-25041-800-859-2504
- Online:
- Via State Farm Forms if you have access to Company systems (you will need to be logged on at the time for access) OR
- Complete and return this form via U.S. Mail
If you are a current or former business to business contact (e.g., employee of a vendor or service provider) you may submit requests pursuant to the California Consumer Privacy Act (Right to Know, Delete, Correction) in the following manner:
- Call us at 1-800-635-60351-800-635-6035
- Online:
- Via State Farm Forms if you have access to Company systems (you will need to be logged on at the time for access) OR
- Complete and return this form via U.S. Mail
For more information on your California privacy rights contact us at 800-635-6035800-635-6035 or email us. Or write to us at:
State Farm
Attention: Enterprise Compliance & Ethics – Office of Privacy, C-2
PO Box 2322
Bloomington, IL 61704-2322
Statistics regarding State Farm’s handling of CCPA related requests can be found here.
Last Updated 05/2023