Effective Date: 12/12/2019
Last updated: 12/12/2019
This PRIVACY STATEMENT FOR CALIFORNIA RESIDENTS supplements the information contained in the OneAmerica Privacy Statement for OneAmerica Financial Partners, Inc. and our affiliated companies (collectively, “we,” “us,” or “our”) and applies solely to visitors, users, and others who reside in the State of California (“consumers,” “you” or “your”). We adopt this Statement to comply with the California Consumer Privacy Act of 2018 (“CCPA”) and other California privacy laws. Any terms defined in the CCPA have the same meaning as defined in the CCPA when used in this Statement.
Information We Collect.
We may collect one or more of the following categories of personal information about you:
Real name, alias, postal address, unique personal identifier, online identifier, internet protocol address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers.
Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).
Name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.
Protected classification characteristics under California or federal law.
Age (40 years or older), citizenship, marital status, medical condition, physical or mental disability, sex, or veteran or military status.
Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
Internet or other electronic network activity information.
Browsing history, search history, and information regarding a consumer’s interaction with an internet website or application.
Professional or employment-related information.
Current or past job history.
Physical location of a computer or networking device.
“Personal information” does not include publicly available information, deidentified or aggregated consumer information, or information otherwise excluded from the CCPA’s scope, including but not limited to the following:
- Certain health or medical information.
- Information collected pursuant to the Gramm-Leach-Bliley Act.
- Information collected by businesses in connection with administering benefits for job applicants, employees and contractors.
- Information collected by businesses about individuals in connection with their role as job applicants, employees, or contractors.
Use and Disclosure of Personal Information.
We may use or disclose the above categories of personal information for one or more of the following business purposes:
- To perform services for our customers, including maintaining or servicing accounts, processing transactions, verifying customer information, processing payments, providing financing, providing advertising or marketing services, providing analytic services, or providing similar services on our own behalf or that of a service provider.
- To detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, and prosecute those responsible for that activity.
- To debug systems to identify and repair errors.
- To perform internal research for technological development and demonstration.
- To conduct audits related to interactions with customers and transactions.
- To undertake activities to verify or maintain the quality or safety of a service or device.
Sale of Information.
We have not sold consumers’ personal information in the preceding 12 months.
Sources of Personal Information.
We may collect your personal information from the following sources:
- From third parties, such as distribution or marketing partners.
- From your employer.
- From you directly, such as when you use our website or fill out forms.
Data Access Request and Data Portability Rights.
You have the right to request that we disclose certain information about the personal information we have collected about you in the previous 12 months. Upon receipt of a verifiable information access request (“Data Access Request”) from you, we will disclose the following to you if disclosure is not exempted under California privacy laws.
- The categories of personal information we have collected about you.
- The categories of sources from which the personal information was collected.
- Our business or commercial purpose for collecting your personal information.
- The categories of personal information that we disclosed about you for a business purpose.
- The specific pieces of personal information we have collected about you.
For information on how to make an Data Access request, see "Submitting a Data Access/Deletion Request" below.
After we receive a verifiable Data Access Request from you, we will promptly take steps to disclose and deliver, free of charge to you, the personal information required, subject to certain exceptions as specified in the CCPA. The information may be delivered by mail or electronically, and if provided electronically, the information will be in a portable and, to the extent technically feasible, in a readily useable format that allows you to transmit this information to another entity without hindrance. You may submit up to two Data Access Requests per 12-month period.
We will endeavor to respond within 45 days of receipt of a verifiable Data Access Request. If additional time is required, we will contact you and explain why we need more time.
Deletion Request Rights.
You have the right to request that we delete any personal information about you that we have collected from you, subject to certain exceptions. We may deny your request to delete your personal information if it is necessary for us to maintain your personal information in order to:
- Complete the transaction for which the personal information was collected, provide a good or service requested by you or reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform duties pursuant to a contract with you.
- Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity; or prosecute those responsible for that activity.
- Debug to identify and repair errors that impair existing intended functionality.
- Exercise free speech, ensure the right of another consumer to exercise that consumer’s right of free speech, or exercise another right provided for by law.
- Comply with the California Electronic Communications Privacy Act pursuant to Chapter 3.6 (commencing with Section 1546) of Title 12 of Part 2 of the Penal Code.
- To enable solely internal uses that are reasonably aligned with your expectations based on your relationship with our business.
- Comply with a legal obligation.
- Otherwise use your personal information, internally, in a lawful manner that is compatible with the context in which you provided the information.
For information on how to make a Deletion Request, see "Submitting an Access or Deletion Request" below.
You have the right not to be discriminated against by businesses because you exercised any of your rights under the CCPA.
Submitting an Access or Deletion Request.
You can submit an Data Access/Deletion Request by by calling us at 1-800-249-6269 (toll-free) and requesting a paper copy of the Data Access/Deletion Request form. Any personal information we collect from you in connection with our verification of your request will be used solely for the purposes of verification. You may submit a request on your own behalf or on behalf of your minor child. Another natural person or a person registered with the Secretary of State may submit a request on your behalf if they are authorized by you to do so. If you are submitting a Data Access/Deletion request on behalf of another person, you must submit proof that you are authorized to do so. Documents which may be accepted as proof of authorization include a signed power of attorney, proof of guardianship, or signed and notarized letter of authorization from the consumer on whose behalf the request is being made.
Information on how a consumer with a disability may access this Statement in an alternative format may be obtained by sending an email to email@example.com.
Changes to Our Privacy Notice.
We reserve the right to amend this privacy statement at our discretion and at any time. When we make changes to this privacy notice, we will post the updated notice on the Website and update the statement’s effective date. Your continued use of our Website following the posting of changes constitutes your acceptance of such changes.
If you have any questions or comments about this notice, the ways in which we collect and use your information, your rights regarding such use, or wish to exercise your rights under California law, please write to us at the address below.
OneAmerica Financial Partners, Inc.
One American Square, P.O. Box 368
Indianapolis, IN 46206-0368