INFOARMOR, INC. (known as ALLSTATE IDENTITY PROTECTION) PRIVACY STATEMENT
(available at: https://www.allstateidentityprotection.com/privacy and https://www.myinfoarmor.com/privacy)
Effective Date: June 26, 2024
Your privacy is very important to us. This Privacy Statement (“Privacy Statement”) describes the privacy practices of InfoArmor, Inc. (known as “Allstate Identity Protection”, “we”, “our” or “us”). and the affiliated companies whose websites and mobile apps link to this Privacy Statement. This Privacy Statement explains the information we collect, why we collect it, how we use and share it, and the choices you can make regarding your information.
Use the Table of Contents to link directly to a specific section or scroll down to read the full Privacy Statement.
Full Privacy Statement
SUMMARY OF OUR PRIVACY STATEMENT
The following summarizes the key terms and principles of our Privacy Statement. For more detail, refer to the full Privacy Statement.
Information We Collect and How We Collect It: We collectpersonalinformation about you in several ways and from several sources including:
Directly when you buy a service or product from us. Information collected may include name, address and other important identifying information,
Automatically when you interact with us online. Information collected may include IP address, cookies, browsing history and other device and internet information, and
From other parties to help us set up, manage, protect or service your account or products or to market to you, such as service providers, platform partners, your employer (if receiving the services as an employee benefit), business partners, marketing companies, consumer reporting agencies and data providers.
Use of Your Personal Information: We use your information for many reasons, including to:
Provide and maintain your account, services and products,
Authenticate you to allow you to access our app using your device’s biometric technology (note that (i) we only do this if you choose to activate it on your device, and (ii) we never receive your biometric data; it remains on your device),
Perform analytics and research studies to improve, develop and protect our websites, mobile apps, services and products,
Let you know about updates or important information about your products,
Provide marketing or advertising that might be of interest to you,
Send you educational material and blog posts to which you have subscribed, and
Protect our business, services, customers, websites or comply with legal requirements.
Sharing Your Information: We share your information with others for business purposes, including with:
Our affiliates,
Companies that are involved in business transactions,
Authorized brokers and partners,
Service providers,
Online and other marketing and advertising partners,
Third parties in connection with a business transaction, and
Law enforcement, regulators and other parties for legal reasons.
Online Tracking Technologies and Advertising: We, our service providers operating on our behalf and third parties, may collect information about your activity on, use of and access to our Sites using a variety of tracking technologies, including cookies, web beacons (also called pixel tags), embedded scripts, location-identifying technologies, and similar technology (collectively, “tracking technologies”). Information we may collect this way may be combined with other personal information we collect directly from you.
Privacy Rights and Choices: Various federal and state laws provide privacy rights to consumers including the right to know, access, delete, or correct personal information, the right to opt-out of sharing of personal information with affiliates for marketing or the right to opt-out of receiving email marketing. These rights differ by state and also by the type of products and services you have with us.
INFORMATION WE COLLECT AND HOW WE COLLECT IT
We collect personal and other information about you. Personal information is information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked (directly or indirectly) with you. Other, non-personal information does not reveal an individual’s identity such as information that has been de-identified or aggregated. The type and amount of information we collect varies based on what products and services you have with us.
We collect personal information about you in several ways from several sources. We collect personal information directly from you including when you sign up for services, buy a product, subscribe to a membership or mailing list, set up an account with us, activate a feature such as mobile app. We and service providers working on our behalf collect personal information from you such as IP address, browsing history and other internet activity information when you use one of our websites, contact us via telephone to our customer care team, mobile apps, view our emails or otherwise engage with us through a computer or mobile device (“Sites”). We also collect personal information about you from third parties such as platform partners, your employer (if receiving the services as an employee benefit), business partners, consumer reporting agencies, service providers, marketing companies and data providers as well as individuals such as your spouse or your parent.
We collect the following categories of personal information:
CATEGORIES | EXAMPLES |
PERSONAL IDENTIFIERS | Name, alias, signature, postal address, phone number, date of birth, unique personal identifier, online identifier, email address, internet protocol (IP) address, state identification card number, Social Security number, driver's license number, passport number, or other similar identifiers. |
PERSONAL CHARACTERISTICS | Age, race, national origin, marital status, sex (including gender, gender identity or gender expression). |
COMMERCIAL INFORMATION | Service or product related information including account name, payment history, records of personal property, products or services purchased, obtained or considered, or other purchasing or consuming histories or tendencies, account log-in, bank account number, credit or debit card number, other payment or financial information, credit information or family member information. |
MULTIMEDIA INFORMATION | Audio, electronic, visual or similar information. |
INTERNET OR OTHER ELECTRONIC NETWORK ACTIVITY INFORMATION | Browsing history, search history, information regarding your interaction with our website, application or advertisement, links you use or web pages you visit while visiting our site or applications, browser type, internet service provider (ISP), cookies, and mobile device information including device identifier or other information. |
INFERENCES | Inferences drawn from any personal information collected to create a profile reflecting preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. |
Sensitive Personal Information: Some personal information we collect is defined under the law as sensitive personal information. Sensitive personal information we collect includes: Social Security number, driver’s license number, state identification card number, passport number, customer account log-in, financial account number, debit card number, credit card number in combination with any required security or access code, password or credentials, racial or ethnic origin and contents of mail, email, and text messages where we are not the intended recipient of the communication.
USE OF YOUR PERSONAL INFORMATION
We use your personal information for business purposes including to:
Provide and maintain your services and products.
We may use your personal information to provide or maintain your service, products, plan or account, including to
(i) enroll you in our identity protection products or complete another transaction, (ii) carry out your requested identity protection services, which includes monitoring and identifying suspicious behavior related to your identity, (iii) respond to your customer service requests or other inquiries, (iv) perform identity and credit remediation processes, for fraud protection and risk reduction measures, and (v) administer your account or, make requested changes to your plan. We may also collect information about other parties from you to carry out necessary services and/or requests, including adding another family member to your existing plan. If you provide us personal information about others, or if others give us your personal information, we will use the information consistent with the reasons for which it was provided. If you use the Allstate Digital Footprint℠ feature, we will access the emails in your inbox to identify companies in your Digital Footprint. Additional information about uses and restrictions is in the Allstate Digital Footprint℠ section below.
Improve, develop, and analyze our Sites, services, and products. We use your personal information and other information to:
analyze, improve, develop, or deliver our Sites, products and services and develop new services, products or features using algorithms, analytics software, and other similar methods,
conduct actuarial or research studies to maintain, protect and develop our networks, services, and products and protect our customers, and
analyze how visitors use our Sites to improve the Sites and enhance and personalize your experience.
We collect some information used for these purposes using analytics software, cookies, and other tracking technologies. For more information about the collection and use of this information, see Cookies and Other Tracking Technologies below.
Communicate with you about your service or product. We may communicate with you about your product, service, account, or membership, provide you transaction confirmations, payment alerts or other service or product related messages via mail, email, or other available methods such as push notifications and text messages, if requested. We may also send you educational materials and blog posts to which you have subscribed.
Provide marketing communications. We may use your personal information to send you promotional communications about products, services, features, and options we believe may be of interest to you. We may send communications via e-mail, regular mail or may send push notifications via a mobile device. We may also use your information to serve you ads or customized content online.
Comply with legal requirements and protect the safety and security of our business, services and Sites. We may use your personal information to comply with laws, regulations, or other legal obligations, to assist in an investigation, or to enforce terms and conditions. We may use your personal information to protect and defend our rights, network, Sites and other property and the rights of third parties including affiliates and customers. We may also use your personal information to prevent suspected fraud, threats to our network or other illegal activities, prevent misuse or for any other reason permitted by law.
Update or correct our records. We may receive personal information about you from other sources, including publicly available databases or third parties from whom we have purchased data, and combine that personal information with other personal information we have about you to update our records. For example, we may obtain change of address information from public sources and use that personal information to update or correct your address.
We use sensitive personal information only as reasonably necessary to perform or maintain the services or provide goods you requested, to perform services on behalf of the business such as maintaining or servicing accounts, processing payments, to provide analytics services or similar services, to detect security incidents, resist malicious, deceptive, fraudulent, or illegal actions and to prosecute those responsible for those actions, to ensure customers and other peoples’ physical safety, for short-term use such as non-personalized advertising as part of our current interactions, to verify or maintain the quality or safety of service, improve, upgrade or enhance service, or other reasons that do not require an opt-out of this use.
We do not market any products or services to children under the age of thirteen or knowingly collect any information from children under the age of thirteen. Parents or legal guardians may provide information about their children to us to use certain family plan features. We do not knowingly sell or share for cross-context behavioral advertising the personal information of consumers under the age of sixteen. Our website is not intended for children.
SHARING YOUR INFORMATION
We share personal information with other companies for various business purposes and strive to work with companies that share our commitment to privacy. We may share your personal information with our affiliates for business purposes consistent with the uses described in this Privacy Statement and we may also share personal information about you with third parties whenever you consent to or direct such sharing. We may share information with others in an aggregated or de-identified form that does not reasonably identify you. We do not sell your personal information except for the sharing of personal information for cross-context behavioral advertising as defined under California law as explained below.
We may share any of the categories of personal information described above with service providers and other third parties for business purposes or as required or permitted by law including with:
Authorized brokers or partners: We operate through brokers or companies we partner with who sell our services and products on our behalf. We may share your personal information with those brokers or partners to provide you with the services you’ve requested. They may use your personal information in the manner described in this Privacy Statement. If you enrolled for our services through your employer, we may also share information with your employer for accounting and billing purposes.
Service providers: Personal information may be shared with service providers who perform services on our behalf for a business purpose including service providers that:
help complete transactions or handle a fraud reimbursement claim
engage in payment processing,
provide marketing and advertising, email, or other communication services,
provide services that support our online activities including improving the product or customer experience, providing tracking technologies, web hosting and analytics,
provide tax and accounting, legal services, delivery, and data enhancement services,
provide technology services and enhance security, privacy, and fraud protections,
provide data analytics services or conduct research or actuarial studies, and
provide support to our operations.
Marketing and advertising partners: We may share personal and other information with third party online and other marketing and advertising partners or permit these partners to collect personal information from you directly on our Sites to personalize online advertising. We may share personal information with other financial institutions or other companies with whom we have a joint marketing agreement. The Online Tracking Technologies and Advertising section below has more details about these activities.
Third parties in connection with a business transaction: Personal information may be disclosed to third parties in connection with a corporate transaction, such as a merger, sale of any or all of our company assets or shares, reorganization, financing, change of control or acquisition of all or a portion of our business by an affiliate or third party, or in the event of a bankruptcy or similar proceedings.
Law enforcement, regulators, and other parties for legal reasons: Personal information may be disclosed to third parties, as required by law or subpoena, or if we reasonably believe such action is necessary to:
comply with the law and the reasonable requests of regulators, law enforcement or other public authorities,
protect our or others safety, rights, or property, and
investigate fraud or to protect the security or integrity of our Sites or any product or services.
Our service providers and third-party marketing and advertising partner includes Google. To learn more about Google’s privacy practices and to manage privacy controls, visit Google Privacy Center. To access and use the Google Analytics Opt-out Browser Add-on, visit Google Opt-out.
We share the following categories of personal information with the following parties:
CATEGORIES OF PERSONAL INFORMATION | CATEGORIES OF THIRD PARTIES |
PERSONAL IDENTIFIERS | Authorized brokers or partners; Service providers; Marketing and advertising partners; Third parties involved in a business transaction; Law enforcement or regulators. |
PERSONAL CHARACTERISTICS | Authorized brokers or partners; Service providers; Marketing and advertising partners; Third parties involved in a business transaction; Law enforcement or regulators. |
COMMERICAL INFORMATION | Authorized brokers or partners; Service providers; Marketing and advertising partners; Third parties involved in a business transaction; Law enforcement or regulators. |
MULTIMEDIA INFORMATION | Authorized brokers or partners; Service providers; Third parties involved in a business transaction; Law enforcement or regulators. |
INTERNET OR OTHER ELECTRONIC NETWORK ACTIVITY INFORMATION | Service providers; Marketing and advertising partners; Law enforcement or regulators. |
INFERENCES | Authorized brokers or partners; Service providers; Marketing and advertising partners; Third parties involved in a business transaction; Law enforcement or regulators. |
HOW LONG WE KEEP YOUR INFORMATION
We retain personal information in accordance with applicable laws or regulatory requirements and also for as long as necessary to fulfill the purposes for which it was collected and to fulfill the business or commercial purposes that are explained in this Privacy Statement.
ALLSTATE DIGITAL FOOTPRINTSM AND COLLECTION OF YOUR EMAIL DATA
If you enroll in the Allstate Digital FootprintSM feature, you provide Allstate Identity Protection with access to your Microsoft, Google and/or other available provider email accounts. We will only use the data accessed from your Microsoft, Google and/or other available provider accounts to read, write, modify, or control email message bodies (including attachments), metadata, headers, and settings ("email data") to:
identify certain online accounts
notify you of known security breaches related to those accounts, and
send data privacy, unsubscribe or deletion requests from your email account at your request
We will not:
transfer email data to others unless it is necessary to provide and improve features, comply with applicable law, or otherwise provide the services
use email data for serving advertisements, or
allow a person to read your email data unless we have your affirmative agreement regarding specific messages, doing so is necessary for security purposes such as investigating abuse, to comply with applicable law, or for an Allstate Identity Protection product’s internal operation.
Allstate Identity Protection’s use and transfer to any other app of information received from Google email accounts will adhere to Google API Services User Data Policy, including the limited use requirements, which are accessible at Google API Services User Data Policy.
FAMILY PLAN ACCOUNT ACCESS
With our Family Plan, using our portal, a primary subscriber sends an email invitation to each authorized adult family member enabling each of them to access and manage the Products by creating a separate account. If the primary subscriber does not create family invitations from within our portal, both the primary subscriber and all authorized adult family members agree to have their alerts, reports, scores and other disclosures made through the primary subscriber’s account. The primary subscriber will always manage minor dependents under a Family Plan. All such family members must be individually registered to be covered by our Products.
ONLINE TRACKING TECHNOLOGIES AND ADVERTISING
Technologies and Information Collected: We, our service providers operating on our behalf and third parties, may collect information about your activity on, use of and access to our Sites using a variety of tracking technologies, including cookies, web beacons (also called pixel tags), embedded scripts, location-identifying technologies, and similar technology (collectively, “tracking technologies”). Information we may collect this way may be combined with other personal information we collect directly from you. The information collected in this manner includes:
The website from where you accessed our Sites, where you went to when you left our Sites, how frequently you visit our Sites, your location when you access our Sites, when and whether you open emails or click the links contained in emails, pages you visit and ads you view on our Sites, recordings of mouse clicks, mouse movements, keystrokes, and other communications you make on our Sites,
Information about the computer, tablet, smartphone or other device you use, such as your IP address, browser type, Internet service provider, platform type, device type/model/manufacturer, operating system, date and time stamp, a unique ID that allows us to uniquely identify your browser, mobile device or your account (including, e.g., a persistent device identifier or an Ad ID), and other similar information,
Analytics information collected by us or via third party analytics tools, to help us measure traffic and usage trends for the Sites and to understand more about the demographics and behaviors of our users, and
How often you use a mobile app, from where the app was downloaded, events that occur within the app, aggregated usage, and performance data.
Use of the information: The information collected through tracking technologies allows us to provide you with an improved, enhanced, and personalized customer experience, to monitor and improve our Sites and for other internal purposes such as:
Remembering information so that you will not have to re-enter it during your visit or the next time you visit the Sites,
Provide custom, personalized content and information, including targeted content, communications, and advertising,
Identify and contact you across multiple devices,
Provide and monitor the effectiveness of our Sites,
Perform analytics and detect usage patterns on our Sites,
Diagnose or fix technology problems, and
Detect or prevent fraud or other harmful activities
General choices regarding cookies: If you prefer not to accept cookies, most browsers will allow you to manage cookies in your browser settings to disable or block cookies, remove existing cookies, automatically accept cookies or to notify you when you receive a cookie. These settings are browser or device specific. Options available may vary by browser. However, if you disable, modify, or reject cookies, some parts or functionalities of our Site may be inaccessible or not function properly. For example, disabling cookies may require you to repeatedly enter information to take advantage of services or promotions. Also, if you clear your cookies on your browser or make selections using a different device or browser, you may need to redo your cookie settings.
Targeted Online Advertising/Cross-Context Behavioral Advertising
We or our online marketing and advertising providers may use information about your activities on our Sites or other websites to help tailor our advertisements or offers to your interests. On some of our websites, we allow third-party advertising companies to collect information about your activity on our Sites through cookies and similar technologies and combine that information with information they collect on other unrelated sites, which these advertising companies may use to provide you with relevant, targeted advertising. This sort of online advertising is called cross-context behavioral advertising under the California Consumer Privacy Act (CCPA). We do not knowingly share personal information for cross-context behavioral advertising of users under the age of sixteen.
CCPA provides California residents the right to opt-out of the “sharing” of your information for cross-context behavioral advertising. You can opt-out of this sharing via the “About ads/do not sell or share my personal information” link in the footer of our website and selecting “Opt-out of targeted online advertising.” You may also opt-out by enabling a universal tool that automatically communicates your opt-out preferences through browser settings such as Global Privacy Control (“GPC”). All website visitors, regardless of residency, can opt-out of this sharing.
You may continue to see generic or non-targeted ads about our products and services if you opt-out of sharing for cross-context behavioral advertising or interest-based advertising. Also, your opt-out choices will only apply to the specific browser from which you opt out. The opt-out will disappear if you clear your cookies or browsing data.
Although we do our best to honor the privacy preferences of our visitors, we are currently not able to respond to “Do Not Track” signals from your browser.
PRIVACY RIGHTS AND CHOICES
Various federal and state laws provide privacy rights to consumers including the right to know, access, delete, or correct personal information, the right to opt-out of sharing of personal information with affiliates for marketing or the right to opt-out of receiving email marketing. These rights differ by state and also by the type of products and services you have with us.
Email Marketing Choices and Other Notifications: We may send you email marketing communications about products, features and services that may be of interest to you. To opt out from receiving marketing and promotional emails from us, please click manage your email preferences to submit your request or click the unsubscribe link located at the bottom of each communication. If you opt out from receiving marketing emails, we may still send you non-marketing emails such as emails about your products or services, responses to your requests and inquiries, or notices of updates to terms and conditions or our privacy practices.
STATE SPECIFIC PRIVACY RIGHTS AND CHOICES
California, Virginia Texas, Oregon, New Hampshire and Connecticut Residents:
California residents have certain rights under California Consumer Privacy Act (CCPA) to access, correct and delete personal information, and other rights described below. Similar rights exist for Virginia, Texas, Oregon, New Hampshire and Connecticut residents for some of the personal information we collect. While these rights apply only to some of the personal information we collect, for transparency and for your convenience you can submit a request no matter where you live.
Right to Know and Access Your Personal Information: You have the right to request the specific pieces of personal information we have collected about you and the right to know:
the categories of personal information we’ve collected,
the categories of sources from which personal information was collected,
the business or commercial purpose for collecting the personal information, and
the categories of third parties with whom we disclose or share personal information.
Right to Deletion of Personal Information: You have the right to request deletion of personal information collected from you, subject to certain exceptions including that we need the personal information to:
Complete a transaction or provide a good or service you requested, service your account, or take other actions reasonably anticipated or aligned within the context of our ongoing business relationship,
Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities,
Comply with a legal obligation, or
Otherwise use your personal information, internally, in a lawful manner that is compatible with the context in which you provided the information.
Right to Correct Personal Information: You have the right to request we correct any inaccurate information we have about you. We may request that you provide documentation to support your request and we will correct your information unless we determine that the personal information is more than likely accurate.
Non-Discrimination Rights: We don’t discriminate against you if your exercise any of the privacy rights described in this privacy statement.
Verified Requests: To protect you and your personal information, we will only respond to requests to know, access, delete or correct that we have been able to properly verify through our authentication processes. To verify your identity, you will be asked to provide several pieces of personal information, such as your social security number (partial) or date of birth, which we only use to verify your identity or authority to make the request.
Submitting a Request: To submit an access or deletion request, please follow the instructions below:
If you are a subscriber or former subscriber of “Allstate Identity Protection,” please click Allstate Identity Protection's Privacy Request Intake Form to submit an online request or call us at 1-800-593-5106.
If you are a subscriber or former subscriber of “InfoArmor Identity Protection,” please click InfoArmor's Privacy Request Intake Form to submit an online request or call us at 1-800-998-1748.
To submit a correction request, please follow the instructions below:
If you are a subscriber or former subscriber of “Allstate Identity Protection,” please click Allstate Identity Protection's Data Correction Process.
If you are a subscriber or former subscriber of “InfoArmor Identity Protection,” please click InfoArmor's Data Correction Process.
Responses to a verified request may take up to 45 calendar days, or longer depending on the nature of the request. If additional time is needed, we will notify you of the additional time. We may only respond to two access requests within a 12-month period. Requests from individuals authorized to submit via the same online portal or toll-free number but to protect your privacy, consumers will be required to verify their identity directly with us via our online portal or toll-free number.
Click Consumer Request Metrics to view California Consumer Request Metrics.
Virginia, Texas, Oregon, New Hampshire and Connecticut resident right to appeal:
If we are unable to fulfill your request to access, review, delete or correct your personal information, we will respond to you explaining why. If you would like to appeal for additional review of our inability to fulfill your request, please click https://appeals.consumerprivacyinfo.com.
California Residents California Civil Code section 1798.83 (Shine the Light Law): If you are a California resident, you can opt-out of the sharing of your personal information with third parties for the third parties' direct marketing purposes. To find out more about your opt-out rights, please review this Privacy Statement or contact us via email at privacy_requests@aip.com.
Vermont residents: We won't share your personal information with our affiliate companies for marketing purposes except as allowed by Vermont law.
SOCIAL MEDIA, LINKS AND EXTERNAL SITES
Links to other company’s websites may be provided on our Site as a convenience to you. If you choose to go to these external websites, you will be subject to the privacy practices of those external websites; we are not responsible for the privacy practices of those websites. We encourage you to be aware when you leave our Site to read the privacy policies or statements of every website you visit, as those privacy policies or statements may differ from ours. Our Privacy Statement applies solely to the Sites where this Privacy Statement appears.
Our website includes Social Media features, such as the Facebook Like button and widgets, such as the Share This button or interactive mini-programs that run on our site. These features may collect your IP address, which page you are visiting on our website, and may set a cookie to enable the feature to function properly. Social Media features and widgets are either hosted by a third party or hosted directly on our Site. Your interactions with these features are governed by the privacy policy of the company providing it.
SECURITY
Protecting your personal information is important to us. We use a combination of reasonable technical, administrative, and physical safeguards to protect your personal information. However, no website, mobile application, database, or system is completely secure or “hacker proof.” So, we cannot guarantee its absolute security. You are also responsible for taking reasonable steps to protect your personal information against unauthorized disclosure or misuse.
We limit access to your personal information to those who need it to do their jobs. We comply with all applicable federal and state data security laws.
CONTACT US
If you should have questions or concerns about our privacy practices, please contact us at privacy_requests@aip.com.
To make a privacy complaint please contact our Customer Care team at 1-800-593-5106.
CHANGES TO OUR PRIVACY STATEMENT
We may periodically update or revise this Privacy Statement. The effective date at the top of the document shows when this Privacy Statement was last revised. We will let you know when we update the Privacy Statement by changing the date or other appropriate means.