Updated: December 20, 2022
This Privacy Notice for California Consumers supplements the information contained in the Master Privacy Notice for BITCO Insurance Companies and applies to consumers that reside in the State of California. The terms used in this Privacy Notice have the same meaning as the terms defined in the California Consumer Privacy Act (“CCPA”).
In accordance with the CCPA, personal information is information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household. Personal information does not include:
Information outside the scope of the CCPA such as:
Please see the chart below to learn what categories of personal information we may have collected about California consumers within the preceding twelve months, the sources of and business purposes for that collection and the third parties with whom the information has been disclosed, if any.
Category |
Examples |
Sources |
Business Purpose for Collection |
Third Parties with Whom Information is Disclosed |
Identifiers |
Real name, alias, postal address, unique personal identifier, online identifier, Internet protocol address, email address, account name, passport number or other similar identifiers. Social security number and driver's license number are collected. |
Insurance applicant, insured, employees of the insured, claimants and affiliated individuals, employees of BITCO. |
Underwriting or providing other products or services, responding to policyholder/consumer claims, inquiries or complaints, detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity. Other audit or operational purposes. If an employee of BITCO, for operational purposes. |
For claims: claims adjusters and investigators, attorneys and related legal support professionals, and medical or health care providers. For employment matters (if needed): attorneys and related legal support professional. |
Personal information described in California Customer Records statute (Cal. Civ. Code § 1798.80(e)) |
Name, signature, social security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. “Personal information” does not include publicly available information that is lawfully made available to the general public from federal, state, or local government records. Health information is collected. |
Insurance applicant, insured, employees of the insured, claimants and affiliated individuals, employees of BITCO. |
Underwriting or providing other products or services, responding to policyholder/consumer claims, inquiries or complaints, detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity. Other audit or operational purposes. If an employee of BITCO, for operational purposes. |
For claims: claims adjusters and investigators, attorneys and related legal support professionals, and medical or health care providers. For employment matters (if needed): attorneys and related legal support professional. |
Characteristics of protected classifications under California or federal law |
Age (40 years or older), race, color, ancestry, national origin, citizenship, religions or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, or genetic information (including familial genetic information). |
Claimants and affiliated individuals, employees of BITCO. |
Responding to policyholder/consumer claims, inquiries or complaints. If an employee of BITCO, for operational purposes. |
For claims: claims adjusters and investigators, attorneys and related legal support professionals, and medical or health care providers. For employment matters (if needed): attorneys and related legal support professional. |
Commercial Information |
Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. |
Insurance applicant, insured, employees of the insured, claimants and affiliated individuals. |
Responding to policyholder/consumer claims, inquiries or complaints. |
For claims: claims adjusters and investigators, attorneys and related legal support professionals, and medical or health care providers. |
Biometric information |
Physiological, genetic, or behavioral characteristics, imagery of the iris, retina, fingerprint, faceprint, voiceprint, handprint, keystroke patterns, gait patterns, other physical patterns involving sleep, health or exercise data. |
Claimants and affiliated individuals. |
Responding to policyholder/consumer claims, inquiries or complaints. |
For claims: claims adjusters and investigators, attorneys and related legal support professionals, and medical or health care providers. |
Internet or other electronic network activity |
Browsing history, search history, information about a consumer’s interaction with a website, application, or advertisement. |
Claimants and affiliated individuals, employees of BITCO, other users of BITCO's information networks or systems. |
To provide access to certain online services. To understand the interests of visitors to our online services, to support certain features of our site, for navigation and to display certain features more effectively. Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity. Other audit or operational purposes. |
For claims: claims adjusters and investigators, attorneys and related legal support professionals, and medical or health care providers. For fraud or network security: law enforcement or vendors assisting in resolving incidents. |
Geolocation data |
Geographic tracking data, physical location and movements |
Claimants and affiliated individuals, users of BITCO's information networks or systems. |
Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity. |
For claims: claims adjusters and investigators, attorneys and related legal support professionals, and medical or health care providers. |
Sensory data |
Audio, electronic, visual, thermal, olfactory, or similar information |
Claimants and affiliated individuals. |
Responding to policyholder/consumer claims, inquiries or complaints. |
For claims: claims adjusters and investigators, attorneys and related legal support professionals, and medical or health care providers. |
Professional or employment related information |
Current or past employment history, performance evaluations, disciplinary records, investigations, awards, earnings, compensation and payroll records, benefit records, employment application, resume, background checks, contracts and agreements or termination records, leave documentation, medical records or workers compensation records. |
Insurance applicant, insured, employees of the insured, claimants and affiliated individuals, employees of BITCO. |
Responding to policyholder/consumer claims, inquiries or complaints. If an employee of BITCO, for operational purposes. |
For claims: claims adjusters and investigators, attorneys and related legal support professionals, and medical or health care providers. |
Nonpublic Education information (FERPA) |
Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class list, student schedules, student identification codes, student financial information, or student disciplinary records. |
Claimants and affiliated individuals, employees of BITCO. |
Responding to policyholder/consumer claims, inquiries or complaints. If an employee of BITCO, for operational purposes. |
For claims: claims adjusters and investigators, attorneys and related legal support professionals, and medical or health care providers. |
The CCPA requires us to tell you what categories of personal information we “sell”, “share” or “disclose.” We do not sell and will not sell your personal information as that term is commonly understood. We also do not sell and will not sell your personal information, including the personal information of persons under 16 years of age, as that term is defined by the CCPA. We do not share your personal information, including the personal information of persons under 16 years of age, as that term is defined in the CCPA. When it is necessary for a business purpose, we may disclose your personal information to a service provider or contractor, and we enter into a contract with the service provider or contractor that limits how the information may be used and requires the service provider to protect the confidentiality of the information.
In the preceding twelve months, we have disclosed the following categories of personal information for the following business purposes.
Category |
Examples |
Business Purpose for Disclosure |
Identifiers |
Real name, alias, postal address, unique personal identifier, online identifier, internet protocol address, email address, account name, social security number, driver’s license number, passport number or other similar identifiers |
Underwriting or providing other products or services, responding to policyholder/consumer claims, inquiries or complaints, detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity. Other audit or operational purposes. |
Personal information described in California Customer Records statute (Cal. Civ. Code § 1798.80(e)) |
Name, signature, social security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. “Personal information” does not include publicly available information that is lawfully made available to the general public from federal, state, or local government records. |
Underwriting or providing other products or services, responding to policyholder/consumer claims, inquiries or complaints, detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity. Other audit or operational purposes. |
Characteristics of protected classifications under California or federal law |
Age (40 years or older), race, color, ancestry, national origin, citizenship, religions or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, or genetic information (including familial genetic information). |
Underwriting or providing other products or services, responding to policyholder/consumer claims, inquiries or complaints. Other audit or operational purposes. |
Commercial Information |
Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. |
Underwriting or providing other products or services, responding to policyholder/consumer claims, inquiries or complaints. |
Biometric information |
Physiological, genetic, or behavioral characteristics, imagery of the iris, retina, fingerprint, faceprint, voiceprint, handprint, keystroke patterns, gait patterns, other physical patterns involving sleep, health or exercise data. |
Responding to policyholder/consumer claims, inquiries or complaints. |
Internet or other electronic network activity |
Browsing history, search history, information about a consumer’s interaction with a website, application, or advertisement. |
To provide access to certain online services. To understand the interests of visitors to our online services, to support certain features of our site, for navigation and to display certain features more effectively. Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity. Other audit or operational purposes. |
Geolocation data |
Geographic tracking data, physical location and movements |
Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity. |
Sensory data |
Audio, electronic, visual, thermal, olfactory, or similar information |
Responding to policyholder/consumer claims, inquiries or complaints. |
Professional or employment related information |
Current or past employment history, performance evaluations, disciplinary records, investigations, awards, earnings, compensation and payroll records, benefit records, employment application, resume, background checks, contracts and agreements or termination records, leave documentation, medical records or workers compensation records. |
If an employee of BITCO Insurance Companies, for operational purposes. If an insured, for claims purposes. Other audit or operational purposes. |
Nonpublic Education information (FERPA) |
Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class list, student schedules, student identification codes, student financial information, or student disciplinary records. Education information, defined as information that is not publicly available personally identifiable information as defined in the Family Educational Rights and Privacy Act (20 U.S.C. section 1232g, 34 C.F.R. Part 99). |
Responding to policyholder/consumer claims, inquiries or complaints. If an employee of BITCO, for operational purposes. |
Inferences from other personal information to create a profile of a person |
A person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities and aptitudes. |
Not disclosed. |
We may also transfer to a third party the personal information of a consumer as an asset that is part of a merger, acquisition, bankruptcy, or other transaction in which the third party assumes control of all or part of the business.
The length of time that we retain personal information largely depends upon the purpose for which the information was collected rather than the category of the information as set forth in this Notice. When establishing retention periods, we consider applicable statutes of limitation and legal and regulatory requirements and guidelines. Personal information is generally retained for periods of time that permit the company to meet its legal and regulatory obligations.
The CCPA provides California consumers with certain rights regarding their personal information. This chart describes those rights and certain limitations to those rights.
Right |
What This Means |
Notice |
At or before the time your personal information is collected, you will be given or be able to access information regarding the categories of personal information to be collected, the purposes for which the categories of personal information will be used and whether that information is sold or shared. |
Access |
At your verifiable request, but no more than twice in a twelve month period, we shall disclose to you:
|
Deletion |
You have the right to request that we delete any of your personal information that we collected from you, subject to certain exceptions. Once we receive and verify your request, we will delete (and direct our service providers and contractors to delete) your personal information from our records unless an exception applies. We may deny your request if retention of the information is necessary for us or our service providers to:
|
Correct |
You have the right to request that we correct inaccurate personal information about you, taking into account the nature of the personal information and the purposes of the processing of the personal information. After we receive and verify your request, we will use commercially reasonable efforts to correct the inaccurate personal information as directed by you. |
Opt-Out of Sale or Sharing |
With some limitations, you may direct a business that sells or shares personal information to third parties not to sell the personal information to these third parties. |
Opt-In to Sale or Sharing |
A business may not sell or share the personal information of persons less than sixteen years of age without their affirmative consent, and in the case of those less than thirteen years of age, the consent must come from a parent. |
Limit Use of Sensitive Personal Information |
You may direct a business to limit the use of your sensitive personal information to that use which is necessary to perform the services or provide the goods reasonably expected by an average consumer who requests those goods or services and certain other limited uses as described in the CCPA and applicable regulations. |
Non-Discrimination |
We will not discriminate against you for exercising your rights under the CCPA. Unless otherwise permitted by the CCPA we will not:
|
The CCPA gives consumers the right to direct a business that sells or shares personal information about the consumer to third parties not to sell or share the consumer’s personal information. We do not sell and will not sell your personal information as that term is commonly understood. We also do not sell and will not sell your personal information, as that term is defined by the CCPA. We do not share your personal information as that term is defined in the CCPA.
The CCPA gives consumers the right to direct a business to limit the use of the consumer’s sensitive personal information to that use which is necessary to perform the services or provide the goods reasonably expected by an average consumer who requests those goods or services and certain other limited uses as described in the CCPA and applicable regulations. We do not use or disclose sensitive personal information for purposes other than those purposes specified in Section 7027, subsection (m) of the California Consumer Privacy Act Regulations. If we begin using or disclosing your sensitive personal information outside of those purposes, then we will provide you with the option to limit our use or disclosure through a clear and conspicuous link on our internet homepage.
To exercise your access, correction or deletion rights described above, please submit a verifiable consumer request to us. Call 1.800.475.4477 or write to email privacy@bitco.com; or regular mail Attn: Privacy Coordinator, 3700 Market Square Circle, Davenport, IA 52807).
Only you or your representative that you authorize to act on your behalf can make a verifiable consumer request for your personal information. You may also make a request for your minor child. The verifiable request must provide enough information that allows us to reasonably verify you are the person about whom we collected personal information. We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and to confirm the personal information relates to you.
We use several layers of authentication in order to verify your identity and safeguard access to your personal information. We will request that you respond to a text message from our representative. We will also request that you provide certain information such as your first and last name, your address and your birthdate and respond to other questions designed to authenticate your identity. If we are unable to verify your identity, we may require additional authentication or your request may be rejected.
We work to respond to a verifiable consumer request within 45 days of its receipt. If we require additional time, we will inform you of the extension period (up to an additional 45 days), and the reason for the extension in writing. If you have an account with us, we will deliver our response to that account. If you do not have an account with us, we will deliver our response by mail or electronically, depending on your preference. The response we provide will also explain any reasons why we cannot comply with a request.
You may only make a consumer request for access twice within a twelve-month period.
Any disclosures we provide will apply to the twelve-month period preceding the consumer request’s receipt.
California’s Shine the Light law also permits California residents who have supplied personal information, as defined in the law, to us under certain circumstances, to request and obtain certain information regarding our disclosure, if any, of personal information to third parties for their direct marketing purposes. If this applies, you may obtain the categories of personal information shared and the names and addresses of all third parties that received personal information for their direct marketing purposes during the immediately prior calendar year (e.g. requests made in 2023 will receive information about 2022 sharing activities) or to request to opt-out of such future sharing. To make such a request, please provide sufficient information for us to determine if this applies to you, attest to the fact that you are a California resident and provide a current California address for our response. You may make this request in writing at: privacy@bitco.com.
If you have any questions regarding our Privacy Notice or practices, please contact us (call: 800.475.4477; email: privacy@bitco.com; regular mail: 3700 Market Square Circle, Davenport, IA 52807).
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Cras et magna tincidunt lacus sagittis maximus fermentum.
BITCO Insurance Companies
3700 Market Square Circle
Davenport, Iowa 52807
Phone: 800.475.4477
Fax: 844.233.7299