LAST UPDATED: September 21, 2023.
This Privacy Statement (“Statement”) describes the privacy practices of SquareTrade, Inc. d/b/a Allstate Protection Plans and its subsidiaries, including, without limitation, CE Care Plan Corp., Complete Product Care Corp, Protection Plan Group, Inc., ST Product Care Corp, SquareTrade Protection Solutions, Inc., SquareTradeGo, Inc. and PlumChoice, Inc. (collectively "SquareTrade", “our” or "we"). This Privacy Statement explains the Personal Information (as defined below) we collect, why we collect it, how we use and share it and the choices you can make regarding your information.
Use the Table of Contents to link directly to a specific section or scroll down to read the full Privacy Statement.
TABLE OF CONTENTS
1. Information We Collect and How We Collect It
2. Use of Your Personal Information
3. Sharing Your Personal Information
4. How Long We Keep Your Information
5. Cookies and Other Tracking Technologies
6. Your Rights and Choices
7. Data Transfers, Storage and Processing Globally
8. Social Media, Links and External Sites
10. Contact Information
11. Changes to Our Privacy Statement
1. INFORMATION WE COLLECT AND HOW WE COLLECT IT
We collect Personal Information about you in several different ways and from several sources. “Personal Information” refers to information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly with a particular consumer or household (referred to as “you” in this Statement). “Personal Information” does not include publicly available information from government records or de-identified or aggregated information. We collect Personal Information from you when you provide it to us directly, including when you create an account with us, request products, services or information from us, register a claim with us, purchase products or services from us, participate in public forums or other activities on our sites, applications, or other services, send us messages or posts, respond to consumer surveys, or otherwise interact with us.
When you visit, download, and/or interact with our sites or applications, we and service providers use automatic data collection technologies such as cookies, flash cookies and web beacons to make our sites and applications more useful to you. These technologies collect information about your equipment, internet connection, browsing actions, and patterns, including Internet Protocol ("IP") address, browser type, internet service provider ("ISP"), referring/exit pages, operating system, date/time stamp, and clickstream data.
We and service providers also collect certain Personal Information when you download and use our applications, including your geographic location, how you use the applications, and the type of device you use. In the event our applications crash on your mobile device, we may receive information about your mobile device model, software version and device carrier. We may also collect information about you from third parties such as service providers and marketing companies.
The following are the categories of Personal Information that we may have collected about you for at least the past twelve (12) months and examples of the Personal Information that fall into those categories:
|PERSONAL INFORMATION CATEGORIES||EXAMPLES|
|PERSONAL IDENTIFIERS||Name, alias, signature, postal address, email address, unique personal identifier, online identifier, internet protocol (IP) address, phone number, description of your physical characteristics, insurance policy number, family member information, bank account number, credit card number or other payment or financial information, medical information or health insurance information, date of birth, Social Security number, driver's license number, state identification number, passport number, or other similar identifiers.|
|COMMERCIAL INFORMATION||Records of personal property, account name, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.|
|INTERNET OR OTHER ELECTRONIC NETWORK ACTIVITY INFORMATION||Browsing history, search history, information regarding your interaction with our websites, application or advertisement, and mobile device information including device identifier or other.|
|MULTIMEDIA INFORMATION||Audio, electronic, visual or similar information.|
|EMPLOYMENT INFORMATION||Current or past job history or performance evaluations, job candidate profile and aptitude.|
|GEOLOCATION DATA||Physical location or movements, or trip tracking information|
Our sites are not intended for children. We do not market any products or services to children under the age of thirteen (13) or knowingly collect any information from children under the age of thirteen (13). We also do not sell or share for cross-context behavioral advertising the Personal Information of minors under sixteen (16) years of age.
2. USE OF YOUR PERSONAL INFORMATION
We use your Personal Information and other information for business purposes including to:
- Provide and maintain your services and products. We may use your Personal Information to create, maintain, customize, and secure your account with us, provide you with features or services or otherwise register you with our services. We may also use your Personal Information to process your requests, purchases, transactions, payments and prevent transactional fraud.
Improve, develop and analyze our sites, services and products. We use your Personal Information and other information to:
- analyze, improve, develop or deliver our Sites, products and services and develop new services, products or features using algorithms, analytics software and other similar methods,
- conduct actuarial or research studies to maintain, protect and develop our networks, services, and products and protect our customers, and
- analyze how visitors use our Sites to improve the Sites and enhance and personalize your experience.
We collect some information used for these purposes using analytics software, cookies and other tracking technologies. For more information about the collection and use of this information, see Cookies and Other Tracking Technologies below.
- Communicate with you about your service or product. We may communicate with you about your account or transactions with us, respond to your comments, questions or requests, provide customer service, provide you with notices or other communications, and send you information about features on our sites, applications, or other services or changes to our policies. With your consent, we may also post your testimonial along with your name and other information on our sites or other media channels.
- Provide marketing communications. We may use your Personal Information to send you marketing communications (including newsletters, e-mails, direct mail, and phone calls), to send you offers and promotions for our products and services, and to personalize content and experiences on our sites or applications.
- Comply with legal requirements and protect the safety and security of our business, services, and sites. We may use your Personal Information to comply with laws, regulations or other legal obligations, to assist in an investigation, to protect and defend our rights and property or the rights of third parties or enforce terms and conditions. We may also use your Personal Information to prevent suspected fraud, threats to our network or other illegal activities, prevent misuse or for any other reason permitted by law. We may use your Personal Information to protect our company, our affiliates, our customers, our network and our sites.
- Update or correct our records. We may receive Personal Information about you from other sources, including publicly-available databases, affiliates or third parties from whom we have purchased data, and combine that Personal Information with other Personal Information we have about you to update our records. For example, we may obtain change of address information from public sources and use that Personal Information to update or correct your address information.
3. SHARING YOUR PERSONAL INFORMATION
We do not sell, nor have we sold within the last twelve (12) months, your Personal Information. We also do not share Personal Information for cross-context behavioral advertising as defined under California law. We may share your Personal Information with our affiliates for business purposes consistent with the uses described in this Privacy Statement. We may also share information about you with third parties whenever you consent to or direct such sharing. We strive to work with companies that share our commitment to privacy. We may also share information with others in an aggregated or de-identified form that does not reasonably identify you.
We may also share your Personal Information or other information with service providers and other third parties for business purposes or as required or permitted by law including with:
- Service providers: We may share your Personal Information with service providers, such as vendors, consultants, and other service providers, which process Personal Information on our behalf and to whom we disclose Personal Information for a business purpose pursuant to a written contract.
- Marketing and advertising partners: We may share Personal Information and other information with third party online and other marketing and advertising partners or permit these partners to collect information from you directly on our sites to facilitate online advertising. The Cookies and other Tracking Technologies section below has more details about these activities.
- Other parties at your direction: Personal Information may be disclosed to third parties if you elected to share your Personal Information with selected companies to send you offers and promotions about their products and services, or if you directed us to share your Personal Information with third-party sites or platforms, such as social networking sites. Once we share your Personal Information with such third parties, the information they receive is subject to the third parties’ Privacy Statement and privacy practices.
- Third parties in connection with a business transaction: Personal Information may be disclosed to third parties in connection with a corporate transaction, such as a merger, sale of any or all of our company assets or shares, reorganization, financing, change of control or acquisition of all or a portion of our business by an affiliate or third party, or in the event of a bankruptcy or related or similar proceeding.
Law enforcement, regulators and other parties for legal reasons: Personal Information may be disclosed to third parties, as required by law or subpoena, or if we reasonably believe such action is necessary to:
- comply with the law and the reasonable requests of regulators, law enforcement or other public authorities,
- protect our or others safety, rights or property,
- investigate fraud or to protect the security or integrity of our sites or any product or services,
- exercise or defend legal claims, and/or
- collect, use, retain, sell, or disclose consumer information that is deidentified or aggregated information.
4. HOW LONG WE KEEP YOUR INFORMATION
We retain personal information in accordance with applicable laws or regulatory requirements and also for as long as necessary to fulfill the purposes for which it was collected and to fulfill the business or commercial purposes that are explained in this Privacy Statement.
5. COOKIES AND OTHER TRACKING TECHNOLOGIES
Technologies and Information Collected: When you visit our sites, we and our service providers automatically collect information about your use of and access to these sites. We collect this information through a variety of tracking technologies, including cookies, flash objects, web beacons (also called pixel tags), embedded scripts, location-identifying technologies, and similar technology (collectively, “tracking technologies”). Information we collect automatically about you may be combined with other Personal Information we collect directly. The information collected in this manner includes:
- The site from where you accessed our sites, where you went to when you left the sites, how frequently you visit the sites, when and whether you open emails or click the links contained in emails, pages you visit on our sites, the links you click and ads you view, or your location when you access our sites,
- Information about the computer, tablet, smartphone or other device you use, such as your IP address, browser type, Internet service provider, platform type, device type/model/manufacturer, operating system, date and time stamp, a unique ID that allows us to uniquely identify your browser, mobile device or your account (including, e.g., a persistent device identifier or an Ad ID), and other similar information,
- Analytics information collected by us or via third party analytics tools, to help us measure traffic and usage trends for the sites and to understand more about the demographics and behaviors of our users, and
- How often you use a mobile app, from where the app was downloaded, events that occur within the app, aggregated usage, and performance data.
Use of the information: We or our service providers may use the information collected through tracking technologies to improve, enhance and personalize your customer experience, to monitor and improve our sites and for other internal purposes such as:
- Remembering information so that you will not have to re-enter it during your visit or the next time you visit the sites,
- Provide custom, personalized content and information, including targeted content and advertising,
- Identify and contact you across multiple devices,
- Provide and monitor the effectiveness of our sites,
- Perform analytics and detect usage patterns on our sites,
- Diagnose or fix technology problems,
- Detect or prevent fraud or other harmful activities, and
- Otherwise to plan for and enhance our sites.
Our service providers include Adobe and Google. To learn about Adobe Analytics privacy practices or to opt-out of cookies set to facilitate reporting, visit Adobe Privacy Center. To learn more about Google’s privacy practices, visit Google Privacy Center. To access and use the Google Analytics Opt-out Browser Add-on, visit Google Opt-out.
Your choices regarding cookies: If you prefer not to accept cookies, most browsers will allow you to change your browser settings to disable existing cookies, automatically request cookies or to notify you when you receive a cookie. However, if you disable, modify, or reject cookies, some parts or functionalities of our sites may be inaccessible or not function properly. For example, disabling cookies may require you to repeatedly enter information to take advantage of services.
Although we do our best to honor the privacy preferences of our visitors, we are not able to respond to “Do Not Track” signals from your browser at this time.
6. YOUR RIGHTS AND CHOICES
Various federal and state laws provide privacy rights to consumers including the right to know, access, delete, or correct personal information, the right to opt-out of sharing of personal information with affiliates for marketing or the right to opt-out of receiving email marketing.
California residents have certain rights under CCPA to access, correct and delete personal information, and other rights described below. Similar rights exist for Virginia and Connecticut residents for some of the personal information we collect. While these rights apply only to some of the personal information we collect, for transparency and for your convenience you can submit a request no matter where you live.
Right to Know and Access Your Personal Information: You have the right to request the specific pieces of personal information we have collected about you and the right to know:
- the categories of personal information we've collected,
- the categories of sources from which personal information was collected,
- the business purpose for collecting the personal information, and
- the categories of third parties with whom we disclose or share personal information.
Right to Delete Personal Information: You have the right to request we delete Personal Information we collected from you, subject to certain exceptions including that we need the Personal Information to:
- Complete a transaction for which we collected the Personal Information, provide a good or service you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you,
- Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities,
- Debug products to identify or repair errors that impair functionality,
- Comply with a legal obligation, or
- Otherwise use your Personal Information, internally, in a lawful manner that is compatible with the context in which you provided the information.
Right to Correct Personal Information: You have the right to request we correct any inaccurate information we have about you. We may request that you provide documentation to support your request and we will correct your information unless we determine that the personal information is more than likely accurate.
Non-Discrimination Rights: We don't discriminate against you if your exercise any of the privacy rights described in this privacy statement.
Verified Requests: To protect you and your personal information, we will only respond to requests to know, access, delete or correct that we have been able to properly verify through our authentication processes. To verify your identity, you will be asked to provide several pieces of personal information, such as name and demographic information, which we only use to verify your identity or authority to make the request.
Authorized Agents: You may designate an authorized agent to submit an access or deletion request on your behalf. In order to verify that the agent is authorized to make a request on your behalf, we may require you to: (1) provide the authorized agent signed permission to submit a privacy request on your behalf, (2) verify your identity directly with us, and/or (3) directly confirm with us that you provided the authorized agent permission to submit the privacy request on your behalf.
Submitting a Request: To submit an access, deletion, or correction request, please visit the Access/Correction/Deletion webpage or call us at 1-866-265-4801. Responses to a verified request may take up to 45 calendar days, or longer depending on the nature of the request. If additional time is needed, we will notify you of the additional time. We may only respond to two access requests within a 12-month period. Requests from authorized agents must be submitted via the same online portal or toll-free number but to protect your privacy, consumers will be required to verify their identity directly with us via our online portal or toll-free number.
Virginia and Connecticut Resident Right to Appeal: If we are unable to fulfill your request to access, review, delete or correct your personal information, we will respond to you explaining why. If you would like to appeal for additional review of our inability to fulfill your request, please visit the Appeals website.
Consumer Request Metrics: The chart below lists the number of privacy requests SquareTrade received from residents of California and the number of requests complied with and denied, along with the average amount of days it took to complete a request.
|Data Access Requests||Quantity|
|Number of requests received||0|
|Number of requests complied with in whole or in part||0|
|Number of requests denied||0|
|Average days to complete a request||0|
|Data Deletion Requests||Quantity|
|Number of requests received||57|
|Number of requests complied with in whole or in part||0|
|Number of requests denied*||57|
|Average days to complete a request||2|
*Our practice is to delete personal information after it is no longer needed for business purposes, as explained in this Privacy Statement.
Email Marketing: Each time you receive newsletters or emails from us that directly promote the use of our products and services, or third-party products and services, you may request to stop receiving further communications from us. You will have the opportunity to “opt-out” by following the unsubscribe instructions provided in the email or newsletter or by contacting us. To opt-out from receiving marketing and promotional emails, please email us at email@example.com or contact us at SquareTrade, Inc., Attn: Legal Department, 2000 Sierra Point Pkwy, Ste 300, Brisbane, CA 94005.
If you opt-out from receiving marketing emails, we may still send you non-promotional emails such as emails about your products or services, our ongoing business relations, responses to your requests and inquiries, or service-related communications, including notices of any updates to terms and conditions or our privacy practices. You may also change the communication preferences for your account by visiting the My Profile webpage.
Additional Rights and Choices: In accordance with applicable law, you have the following additional rights:
- You may change your choices for subscriptions, newsletters, marketing and promotional communications. To unsubscribe please follow the directions contained in our marketing and promotional communications.
- You may choose whether we share your Personal Information with other companies so they can send you offers and promotions about their products and services.
- You may stop all collection of information by an application by uninstalling the application. You may use the standard uninstall processes as may be available as part of your mobile device or via the mobile application marketplace or network.
California Residents - California Civil Code Section 1798.83 (Shine the Light Law)
If you are a California resident, you can opt-out of our sharing of your Personal Information with third parties for the third parties' direct marketing purposes by contacting firstname.lastname@example.org. To find out more about your opt-out rights, please review our Privacy Statement or contact us at SquareTrade, Inc., Attn: Legal Department, 2000 Sierra Point Pkwy, Ste 300, Brisbane, CA 94005, or via e-mail at email@example.com.
We are subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).
7. DATA TRANSFERS, STORAGE AND PROCESSING GLOBALLY
We operate globally and may transfer your Personal Information to our affiliates or partners companies, service providers, or third parties in locations around the world for the purposes described in this Privacy Statement. Wherever your Personal Information is transferred, stored or processed by us, we will take reasonable steps to safeguard the privacy of your Personal Information.
For transfers of Personal Information (referred to as personal data under the General Data Protection Regulation, “GDPR’)) outside of the United Kingdom (“UK”) and European Economic Area (“EEA”) our affiliates execute standard contractual clauses that have been approved by the European Commission in respect of transfers of Personal Data. Under the GDPR, SquareTrade, Inc. and our affiliates act as joint data controllers.
EU-U.S. Data Privacy Framework Principles
We comply with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF as set forth by the U.S. Department of Commerce. We have certified to the U.S. Department of Commerce that we adhere to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of Personal Information received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. If there is any conflict between the terms in this Privacy Statement and the Data Privacy Framework Principles, the Data Privacy Framework Principles shall govern. To learn more about the Data Privacy Framework program, and to view our certification, visit the Data Privacy Framework webpage.
If we transfer Personal Information to a third party, the third party’s access, use, and disclosure of the Personal Information must also be in compliance with our Data Privacy Framework obligations, and we will remain liable under the Data Privacy Framework for any failure to do so by the third party unless we prove we are not responsible for the event giving rise to the damage.
A Note to Users Outside of the United States: If you are a non-U.S. user of our sites, applications, or other services, by using these and providing us with data, you acknowledge and agree that your Personal Information may be processed for the purposes identified in the Privacy Statement. In addition, your Personal Information may be processed in the country in which it was collected and in other countries, including the United States, where laws regarding processing of Personal Information may be less stringent than the laws in your country. By providing your information, you consent to such transfer.
8. SOCIAL MEDIA, LINKS AND EXTERNAL SITES
Links to other company’s sites may be provided on our sites as a convenience to you. If you choose to go to these external sites, you will be subject to the privacy practices of those external sites; we are not responsible for the privacy practices of those sites. We encourage you to be aware when you leave our sites to read the privacy policies or statements of every site you visit, as those privacy policies or statements may differ from ours. Our Privacy Statement applies solely to the sites where this Privacy Statement appears.
The security of your Personal Information is important to us. We use a combination of reasonable technical, administrative, and physical safeguards to protect your Personal Information. However, no site, application, database or system is completely secure or “hacker proof.” So, we cannot guarantee its absolute security. You are also responsible for taking reasonable steps to protect your Personal Information against unauthorized disclosure or misuse.
We limit access to your Personal Information to those who need it to do their jobs. We comply with all applicable federal and state data security laws.
10. CONTACT INFORMATION
If you have any questions or comments about this Privacy Statement or the privacy practices described herein, please contact us at SquareTrade, Inc., Attn: Legal Department, 2000 Sierra Point Pkwy, Ste 300, Brisbane, CA 94005, or via e-mail at firstname.lastname@example.org.
An individual, under certain conditions, may invoke binding arbitration for complaints regarding Privacy Shield compliance. For additional information, please visit the Privacy Shield webpage.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please visit the TRUSTe webpage to contact our U.S.-based third-party dispute resolution provider (free of charge).
11. CHANGES TO OUR PRIVACY STATEMENT
We may periodically update or revise this Privacy Statement. The date at the top of this page shows when this Privacy Statement was last revised. We will let you know when we update the Privacy Statement by changing the date or other appropriate means.