California Notice at Collection and Privacy Policy

California Notice at Collection

• Notice at Collection - California
   

California Privacy Policy

This Policy applies to the Federated Challenge, an annual event organized by the Federated Insurance Foundation, Inc., defined as a “business” pursuant to the California Consumer Protection Act (“CCPA”), as amended by the California Privacy Rights Act (“CPRA”).  This California Privacy Policy (“CCPA Policy”) only applies to California consumers. California consumers (“consumers”) are persons who are California residents. This CCPA Policy only applies to consumers’ whose Personal Information is collected, used or disclosed by Federated Insurance Foundation, Inc.. Personal Information is defined below. Any other terms defined in the CCPA have the same meaning when used in this CCPA Policy.

This purpose of this CCPA Policy is to provide consumers with a comprehensive description of Federated Insurance Foundation, Inc. online and offline information practices regarding the collection, use, disclosure, and retention of personal information.  It is also intended to inform consumers about the rights they have regarding their personal information. It also provides the information necessary for them to exercise those rights.

“Personal Information” means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.

NOTE:  

• Federated Insurance Foundation, Inc. does not sell or share consumers’ Personal Information.  
• Federated Insurance Foundation, Inc. does not have actual knowledge that it sells or shares the Personal Information of consumers under 16 years of age. 
• Federated Insurance Foundation, Inc. does not use or disclose sensitive personal information for purposes other than those allowed in the CCPA. See CCPA Regulations §7027, subsection (m).

Personal Information does not include:

• Publicly available information or lawfully obtained, truthful information that is a matter of public concern.
• De-identified or aggregated consumer information.
• Information excluded from the CCPA’s scope, like:
  • Health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data;
  • Personal Information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FCRA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994.

1. Categories of Personal Information Federated Insurance Foundation, Inc. has Collected About Consumers in the Last 12 Months

The categories of Personal Information Federated Insurance Foundation, Inc. has collected about consumers over the past 12 months include the following. Please note that personal information collected about any particular consumer will depend on the reason for collecting the information. For example, disability or employment information may be collected because the consumer is a Federated Insurance Foundation, Inc. employee. Whereas a driver’s license number may be collected because a consumer is covered under a policy of insurance or is making a claim against a policy.

1. Personal Identifiers: such as a real name, signature, physical characteristics, physical description, alias, postal address, unique personal identifier, online identifier, IP address, email address, account name, telephone number, passport number, social security number, driver’s license or state identification card number.
2. Financial Identifiers: such as insurance policy number, bank account number, credit card number, debit card number, or any other financial information.
3. Medical Information: such as health insurance or medical information, unique personal identifier for health insurance, online identifier, account name, or other similar identifiers;
4. Employment and Education Information: such as education history, employment or professional history, union membership, education information, as defined in FERPA, which is not publicly available information.
5. Protected classifications under California or federal law, including: age, race, color, sex, creed, gender, sexual orientation and identity, national origin, ethnicity, disability, immigration status, citizenship status, marital status, military or veteran status.
6. Commercial information: including records of personal property or products or services purchased, obtained, or considered.
7. Internet or other electronic network activity information, including, but not limited to, search history, and information regarding a consumer’s interaction with Federated Insurance Foundation, Inc. Internet Web sites, or applications. 
8. Audio, electronic, or similar information, including recordings of phone calls or messages left on a Federated Insurance Foundation, Inc. phone system or emails where Federated Insurance Foundation, Inc. is the intended recipient or where a consumer is using Federated Insurance Foundation, Inc. email system or other Federated Insurance Foundation, Inc. technology asset as an employee.

2. Categories of Sources from Which Federated Insurance Foundation, Inc. Has Collected the Categories of Personal Information Described Above

• Directly from the consumer. Individual Businesses that are seeking or have received insurance products or services from Federated Insurance Foundation, Inc., where the consumer is an employee or covered individual under the policy or service. 
• Third party Service Providers including vendors, law firms, reinsurers and other entities that provide services directly to Federated Insurance Foundation, Inc., pursuant to a contract, so that we can provide our insurance products and services and to provide employment support and services to our employees and any persons covered under medical, retirement or other employee benefits.
• Government entities.
• Internet service providers, data analytics providers, operating systems and platforms and social networks.

The categories of sources from which Federated Insurance Foundation, Inc. collects Personal Information vary, depending upon the particular nature of the interaction with each consumer.

3. Business or Commercial Purposes For Which Federated Insurance Foundation, Inc. Has Collected Consumers Personal Information

• To provide products and services that are requested
  • including , underwriting, maintaining and servicing accounts, providing customer services, processing or fulfilling requests and transactions, verifying customer information, processing payments, administering changes or amendments to existing products and services, processing claims, providing advertising or marketing services, providing analytic services, or providing similar services, and for Federated Insurance Foundation, Inc. operational purposes which are reasonably necessary and proportionate to achieve the purpose for which the information was originally collected or for another purpose that is compatible with the context in which the personal information was collected.
• To recommend different or additional insurance or risk management products or services, based upon the information provided as well as Federated Insurance Foundation, Inc. understanding of insurance needs.
• Detecting, preventing, and investigating security incidents that compromise the availability, authenticity, integrity or confidentiality of stored or transmitted personal information.
• Protecting against malicious, deceptive, fraudulent or illegal activity directed at Federated Insurance Foundation, Inc., and prosecuting those responsible for that activity.
• Debugging to identify and repair errors that impair existing intended functionality.
• Undertaking activities to verify or maintain the quality or safety of a service or product that is developed or provided by Federated Insurance Foundation, Inc., and to improve, upgrade, or enhance any service or product that is developed or provided by Federated Insurance Foundation, Inc..
• Auditing related to a current interaction with a consumer and concurrent transactions including auditing for compliance with the CCPA and other standards.
• Undertaking internal research for technological development and demonstration.
• To collect or process sensitive personal information where such collection or processing is not for the purpose of inferring characteristics about a consumer.
• For short-term, transient use, including, but not limited to, non-personalized advertising shown as part of a consumer’s current interaction with Federated Insurance Foundation, Inc.. When used for this purpose, personal information is not disclosed to another third party and is not used to build a profile about the consumer or otherwise alter the consumer’s experience outside the current interaction with Federated Insurance Foundation, Inc..

4. Categories of Personal Information That Federated Insurance Foundation, Inc. Has Disclosed for a Business Purpose to Third Parties

Federated Insurance Foundation, Inc. has disclosed the following categories of Personal Information to third parties in the preceding 12 months for a business or commercial purpose: 

All categories of Personal Information.

5. Categories of Third Parties to Whom Federated Insurance Foundation, Inc. Has Disclosed Personal Information Described Above

Federated Insurance Foundation, Inc. may disclose consumer Personal Information with a third party service provider for a business or commercial purpose. When Federated Insurance Foundation, Inc. discloses Personal Information for a business or commercial purpose, it enters into a contract, as required, that describes the purpose and requires the service provider recipient to both keep the Personal Information confidential and not use it for any purpose except performing the contract.

Federated Insurance Foundation, Inc. discloses your Personal Information with the following categories of third parties:

• Service Providers
• Internet Service Providers
• Government Entities

6. Business or Commercial Purpose for Disclosing Personal Information

Federated Insurance Foundation, Inc. discloses personal information for multiple business reasons, depending on the specific nature and purpose for the disclosure.  We disclose information to service providers to assist Federated Insurance Foundation, Inc. in providing and servicing accounts, investigating and paying claims, engaging in litigation or claims investigations, for billing and payment recovery, for cyber security incidents, investigations and required reporting, and for employment purposes such as providing and administering benefits.  

7. Right to Know

Consumers have the right to request that Federated Insurance Foundation, Inc. disclose certain Personal Information Federated Insurance Foundation, Inc. has collected about them during the last 12 months. Federated Insurance Foundation, Inc. will not disclose any Personal Information unless it receives a Verifiable Consumer Request (Information on how to complete a Verifiable Consumer Request is found below in Section XI). Consumers have the right to request the following:

• Categories of Personal Information Federated Insurance Foundation, Inc. has collected about the consumer.
• Categories of sources from which the Personal Information is collected.
• The business or commercial purpose for collecting Personal Information.
• Categories of third parties to whom Federated Insurance Foundation, Inc. discloses Personal Information.
• Categories of Personal Information that Federated Insurance Foundation, Inc. disclosed for a business purpose about the consumer.
• Specific pieces of Personal Information that Federated Insurance Foundation, Inc. has about the consumer.

8. Right to Request Deletion

Consumers have the right to request that Federated Insurance Foundation, Inc. delete any of their Personal Information that Federated Insurance Foundation, Inc. collected from them and retained, subject to certain exceptions. Once Federated Insurance Foundation, Inc. receives a Verifiable Consumer Request - and separately confirms the Verifiable Consumer Request to delete- Federated Insurance Foundation, Inc. will delete (and direct its service providers to delete) the Personal Information from its records, unless an exception applies. Federated Insurance Foundation, Inc. will not delete personal information about the consumer that belongs to, or the business maintains on behalf of, another natural person. Federated Insurance Foundation, Inc. may elect to deidentify or aggregate the consumer information rather than deleting it. Information on how to complete a Verifiable Consumer Request to delete is found below.

Federated Insurance Foundation, Inc. may deny a deletion request if maintaining the information is necessary for Federated Insurance Foundation, Inc. to:

1. Complete the transaction for which the Personal Information was collected, provide a good or service requested by the consumer, or reasonably anticipated by the consumer within the context of Federated Insurance Foundation, Inc. ongoing business relationship with the consumer, or otherwise perform a contract between Federated Insurance Foundation, Inc. and the consumer.
2. Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity; or prosecute those responsible for that activity.
3. Debug to identify and repair errors that impair existing intended functionality.
4. Exercise free speech, ensure the right of another consumer to exercise their right of free speech, or exercise another right provided for by law.
5. Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).
6. Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that conforms or adheres to all other applicable ethics and privacy laws, when Federated Insurance Foundation, Inc. deletion of the information is likely to render impossible or seriously impair the ability to complete such research, if the consumer has provided informed consent.
7. Enable solely internal uses that are reasonably aligned with the expectations of the consumer based on the consumer’s relationship with Federated Insurance Foundation, Inc. and compatible with the context in which the consumer provided the information.
8. Comply with federal, state, or local laws; or comply with a court order or subpoena or other legal obligation; or to comply with a civil, criminal or regulatory inquiry by federal, state or local authorities or law enforcement agencies.
9. Make other internal and lawful uses of that information that are compatible with the context in which the consumer provided it.
10. Exercise or defend legal claims.

9. Right to Correct Inaccurate Personal Information

Consumers have the right to request that Federated Insurance Foundation, Inc. correct inaccurate personal information about the consumer, maintained by Federated Insurance Foundation, Inc., taking into account the nature of the personal information and the purposes of the processing of the personal information.  Once Federated Insurance Foundation, Inc. receives a Verifiable Consumer Request, as described below, it will use commercially reasonable efforts to correct the inaccurate personal information, as directed by the consumer.  Federated Insurance Foundation, Inc. will not correct personal information about the consumer that belongs to, or the business maintains on behalf of, another natural person.

10. Right to Non-Discrimination

Consumers have the right not to receive discriminatory treatment by Federated Insurance Foundation, Inc. for the exercise of privacy rights conferred by the CCPA, including an employee’s, applicant’s, or independent contractor’s right not to be retaliated against for the exercise of their CCPA rights.

11. Exercising Right to Know, Right to Delete and Right to Correct.

To exercise the right to know, right to delete or right to correct described above, please submit a Verifiable Consumer Request to Federated Insurance Foundation, Inc. by either:

• Verifiable California Consumer Data Request form, or
• Calling Federated Insurance Foundation, Inc. TOLL-FREE at: 1-844-929-0147.

Federated Insurance Foundation, Inc. needs to verify that the consumer making the request is the consumer about whom the business has collected information. Only the consumer or an Authorized Agent may make a Verifiable Consumer Request related to their Personal Information.  An “Authorized Agent” is a person registered with the California Secretary of State that consumers have authorized to act on their behalf or an individual granted authority under a written power of attorney issued pursuant to California Probate Code sections 4121 to 4130.  If an Authorized Agent is making the request and has not provided registration information or a power of attorney, Federated Insurance Foundation, Inc. must receive signed written permission from the consumer for the Agent to act on the consumer’s behalf.

Consumers may only make a Verifiable Consumer Request to Know twice within a 12-month period. The Verifiable Consumer Request must: 

• Provide sufficient information that allows Federated Insurance Foundation, Inc. to verify, to a reasonably high degree of certainty, that the requestor is the consumer about whom Federated Insurance Foundation, Inc. collected Personal Information or an Authorized Agent.
• Describe the request with sufficient detail to allow Federated Insurance Foundation, Inc. to properly understand, evaluate, and respond to it. NOTE: Completing as much information as possible on the Verifiable Consumer Request form will make it more likely that Federated Insurance Foundation, Inc. will be able to provide consumers with a substantive response.

Federated Insurance Foundation, Inc. will attempt to match data provided in the Verifiable Consumer Request to data that Federated Insurance Foundation, Inc. maintains on the consumer. Federated Insurance Foundation, Inc. will require a declaration under penalty of perjury, swearing that the requestor is the consumer (or Authorized Agent) whose Personal Information is the subject of the request.  If Federated Insurance Foundation, Inc. cannot, to a reasonable or reasonably high degree of certainty (depending on the nature of the request), verify a requestor’s identity or authority to make the request and confirm the Personal Information relates to the consumer, the request will be denied.  Federated Insurance Foundation, Inc. will also deny a request made by an Authorized Agent if the Authorized Agent does not submit proof that they have been authorized by the consumer to act on their behalf, as described above.   If this happens Federated Insurance Foundation, Inc. will state so in its response.

Making a Verifiable Consumer Request does not require the requestor to create an account with Federated Insurance Foundation, Inc.. Federated Insurance Foundation, Inc. will only use Personal Information provided in a Verifiable Consumer Request to verify the requestor’s identity or authority to make the request.

Federated Insurance Foundation, Inc. will provide a response either by mail or electronically, at the requestor’s option.

12. Verifiable Consumer Request Response and Timing

Federated Insurance Foundation, Inc. will confirm receipt of a Verifiable Consumer Request within 10 days of receipt and, upon verification, provide a response within 45 days. Federated Insurance Foundation, Inc. may require an additional 45 days to verify and respond to some requests.  If more than 45 days are required, Federated Insurance Foundation, Inc. will notify the requestor within the first 45 days, explaining the reason for the delay.

Federated Insurance Foundation, Inc. will not charge a fee to process or respond to a Verifiable Consumer Request unless it is excessive, repetitive, or manifestly unfounded. If Federated Insurance Foundation, Inc. determines that the Request warrants a fee, it will inform the requestor of the fee or refuse the Request and notify the requestor of the reason for refusal.

NOTICE:  Nothing in this CCPA Policy or the CCPA shall limit Federated Insurance Foundation, Inc. ability to comply with applicable laws; comply with civil, criminal, or regulatory inquiries by federal, state or local authorities; cooperate with law enforcement concerning any potential violations of law; or otherwise exercise or defend legal claims.

This CCPA Policy may be printed as a separate document by utilizing your browser’s print function.

13. Contact for More Information

Persons with a disability can receive alternative formats of this CCPA Policy by contacting Federated Insurance Foundation, Inc. below.

If a consumer has any questions or concerns about Federated Insurance Foundation, Inc. CCPA Policy or information practices, Federated Insurance Foundation, Inc. can be contacted at:

• Phone TOLL-FREE:  1-800-533-0472 and ask to speak to the Privacy Officer
• Postal Address: 

Federated Mutual Insurance Company
Attn:  Privacy Official – Legal
121 East Park Square
Owatonna, MN 55060

For all other inquiries, please contact us as follows: https://www.federatedchallenge.org/contact-us

This CCPA Privacy Policy was last updated:  10-17-2024