California Privacy Notice

Fidelity Security Life Insurance Company^® Privacy Notice to California Residents

The California Consumer Privacy Act of 2018 (CCPA) and California Privacy Rights Act of 2020 (CPRA) (hereafter referred to collectively as “CCPA”), gives California residents rights and control over their Personal Information. Fidelity Security Life Insurance Company^® (“FSL”, “we", “us” or “our”) provides this notice (“Notice”) to those California residents ("you", “your”) in accordance with requirements under the CCPA to make certain disclosures about the collection and processing of your Personal Information.

Most of the Personal Information we collect is already protected and governed by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and certain federal financial privacy laws (Gramm-Leach-Bliley Act (GLBA)) and is therefore exempt from most CCPA obligations. As such, this Notice provides disclosures and information for California residents regarding the limited Personal Information we may collect that is subject to the CCPA.

We separately provide Notices required under GLBA and HIPAA in connection with products and services subject to those laws. Those Notices can be found on our website at www.fslins.com.

Definitions

Consumer: As defined by the CCPA, a consumer is a natural person who is a California resident, living in California for other than a temporary or transitory purpose, or individual domiciled in California.

Personal Information: Personal Information may be defined under various privacy laws but, generally, is a fact about an individual which, if combined with one or more other facts about that individual, would enable others to determine the specific person to whom the facts apply.

Personal Information does not include:

Publicly available information
Information specifically excluded from both of the CCPA and CPRA’s scope like Personal Information governed by HIPAA and GLBA

Sensitive Personal Information: is defined for purposes of this Notice as a subset of Personal Information that reveals certain financial, health, geolocation, racial, ethnic, citizenship or immigration status, religious or philosophical beliefs, biometric, sex life, and sexual orientation information about a California Consumer. If a business collects this type of information but uses or discloses it to provide you goods and services you requested or for certain allowed business purposes, this information is considered Personal Information, not Sensitive Personal Information.

Categories, Sources, Purpose, Use and Disclosure of Personal Information

The information that follows shows the types of Personal Information we may collect about California residents who are subject to the CCPA, the sources from which we collect it, the purpose for collection, and the ways in which we use it and disclose it to third parties.

Categories of Personal Information

We may collect, use, and/or disclose Personal Information, and in the preceding 12 months we have collected, used, and/or disclosed, the following types of Personal Information:

Personal identifiers (such as real name, alias, postal address, unique personal identiﬁer, email address, social security number, driver’s license number, or other similar identiﬁers)
Internet or other network or device activity (browsing history, search history, and information regarding a consumer’s interaction with an internet web site, application, or advertisement)
Categories of Personal Information described in the California Customer Records Statute (Cal. Civ. Code 1798.80). (Such as name, signature, social security number, address, telephone number, driver’s license or state identification card number, insurance policy number, education, employment information including history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information)
Characteristics of protected classes under California or federal law: age, gender, pregnancy, citizenship, familial status, medical condition, physical or mental disability, veteran, or military status)
Sensory Data. (Such as voice recordings of telephone calls with us, audio, voice, electronic, or similar information)
Sensitive Personal Information

Sensitive Personal Information We Collect

We may collect, use, and/or disclose Sensitive Personal Information, and in the preceding 12 months we have collected, used, and/or disclosed, the following types of Sensitive Personal Information:

Social security number, passport number, driver’s license number, or state identification card

Account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account

However, like Personal Information, we only use Sensitive Personal Information if it is necessary to provide you goods and services you requested and for certain business purposes allowed by the CCPA.

Sources of Personal Information

We may collect your Personal Information from, and in the preceding 12 months we have collected Personal Information from one or more of the following sources:

We obtain your Personal Information when you provide it to us (e.g., where you contact us via email or telephone, paper applications, or by any other means)
We receive your Personal Information from third parties that interact with us in connection with the services we perform
We collect or obtain Personal Information when you visit any of our websites or use any features or resources available on or through our website. When you visit a website, your device and browser may automatically disclose certain information (such as device type, operating system, browser type, browser settings, IP address, language settings, dates and times of connecting to a website and other technical communications information), some of which may constitute Personal Information

Sources of Peronal Information

We may collect, use, and/or disclose Personal Information, and in the preceding 12 months we have collected, used, and/or used Personal Information for the following business purposes:

We obtain your Personal Information when you provide it to us (e.g., where you contact us via email or telephone, paper applications, or by any other means)
We receive your Personal Information from third parties that interact with us in connection with the services we perform
We collect or obtain Personal Information when you visit any of our websites or use any features or resources available on or through our website. When you visit a website, your device and browser may automatically disclose certain information (such as device type, operating system, browser type, browser settings, IP address, language settings, dates and times of connecting to a website and other technical communications information), some of which may constitute Personal Information

Purposes for Which We Use of Personal Information

We may collect, use, and/or disclose Personal Information, and in the preceding 12 months we have collected, used, and/or used Personal Information for the following business purposes:

Marketing and providing insurance to you;
Determining your eligibility for a quote;
Calculating your premium;
Administering claims;
Answering questions and providing notifications;
Supporting day-to-day business operations and insurance related functions;
Detecting security incidents, protecting against fraudulent or illegal activity, and to comply with regulatory and law enforcement authorities;
Confirming your identity and servicing your policy;
Providing customer and technical support;
Enhancing your customer experience and improving our products and services;
Creating, maintaining, customizing and securing accounts;
Undertaking internal research for technological development;
Developing and offering new products and services;
Marketing products and services with strategic partners;
Exercising and defending our legal rights and positions;
Managing risk and securing our systems, assets, infrastructure, and premises;
Responding to law enforcement requests and as required by applicable law, court order, or governmental regulations;
To fulfill FSL’s contractual obligations;
To help ensure the safety and security of FSL’s staff, assets, and resources, which may include, but is not limited to, physical and virtual access controls and access rights management; supervisory controls and other monitoring and reviews, as allowed by law; and emergency and business continuity management; and
As otherwise required by federal or state law.

Disclosure of Information to Third Parties

We may collect, use, and/or disclose Personal Information to/from third parties, and in the preceding 12 months we have disclosed Personal Information for the following business purposes to third parties:

As Necessary to Provide You the Products and Services You Request

We may share your information with insurance companies, reinsurance companies and their respective administrators, vendors, agents, and third-party service providers, including but not limited to insurance support organizations, that are engaged in services related to underwriting, claims administration and issuing insurance policies as needed to provide you the insurance products and services you request.

We may also share your information with third-party vendors, agents and other service providers that perform services on our behalf, as needed to carry out their work for us, which may include billing, payments, background check services, service fulfillment, web hosting or providing analytic services. We provide only as much information as is needed for these third-party vendors, agents and other service providers to perform services on our behalf.

For Legal Reasons

We may share your information with companies, organizations or individuals as required by law or subpoena or if we reasonably believe that such action is necessary to: (i) comply with any applicable law, regulation, legal process or governmental request; (ii) enforce our Terms of Use, detect, prevent or address fraud, or to protect the security or integrity of our website and the products and services offered through our website; and/or (iii) exercise or protect the rights, property, or personal safety of us, our users or others.

In Connection with Our Sale or Other Significant Transaction

We may share your information with companies, organizations, or individuals in connection with a significant transaction, such as a merger, sale of our assets or shares, reorganization, financing, change of control or acquisition of all or a portion of our business by another company or third party or in the event of a bankruptcy or related or similar proceedings.

With Our Affiliates

We may share your information with other companies owned by or under common ownership as FSL. These companies will use your Personal Information in the same way as we can under this Notice.

Additional Privacy Information

Selling, Sharing, and Disclosure of Personal Information or Sensitive Personal Information

We have not, and currently do not sell Personal Information or Sensitive Personal Information we collect. We also have not, and do not share Personal Information or Sensitive Personal Information with third parties for cross-context behavioral advertising. If this changes, we will let you know in advance and provide you with information so that you may understand and exercise your right to opt-out of the future sale or sharing of your Personal Information or Sensitive Personal Information.

We do not offer an opt-out from the sale of Personal Information or Sensitive Personal Information because we do not engage in the sale of Personal Information or Sensitive Personal Information as contemplated by the CCPA. As noted elsewhere in this Notice, we may share and disclose Personal Information or Sensitive Personal Information with other businesses for a variety of reasons.

Retention Period

We retain Personal Information about you necessary to fulfill the purpose for which that information was collected and consistent with applicable federal and state laws. We generally retain information regarding you for at least seven years from the date of our last interaction with you, in compliance with our obligations under applicable laws, or for longer if required to do so according to our regulatory obligations or where we believe necessary to establish, defend, or protect our legal rights or those of others.

When we destroy your Personal Information or Sensitive Personal Information, we do so in a way that prevents that information from being restored or reconstructed.

Your Rights Under the CCPA

If you are a California resident, you have certain rights under the CCPA regarding your Personal Information, including:

Right to Know What Personal Information is Being Collected, Right to Access Personal Information

You have the right to request that we disclose the following information to you about our collection and use of your Personal Information for the preceding 12- month period:

The categories and specific pieces of Personal Information we have collected about you;
The categories of sources from which your Personal Information was collected;
The business or commercial purpose for collecting, selling, or sharing your Personal Information (we do not sell or share your Personal information);
The categories of third parties with whom we have disclosed your Personal Information; and
The specific pieces of Personal Information we have collected about you.

Right to Request Deletion

You have the right to request that we, our service providers, and contractors delete any Personal Information or Sensitive Personal Information which we have collected about you. However, we, our service providers, and contractors acting pursuant to a contract with us, another service provider, or another contractor, will not delete your Personal Information or Sensitive Personal Information if it is reasonably necessary or permissible for us, our service providers, or contractors to maintain the Personal Information or Sensitive Personal Information pursuant to the CCPA or other applicable state laws or federal law such as HIPAA or GLBA.

Right to Correct Inaccurate Personal Information

You have the right to request correction of any inaccurate Personal Information. Upon verifying the validity of a verifiable correction request, we will use commercially reasonable efforts to correct your Personal Information as directed, taking into account the nature of the Personal Information and the purposes of processing your Personal Information.

Right to Know What Peronal Informaiton is Sold or Shared and to Whom

You have the right to request that we disclose the categories of Personal Information that we collected about you, the categories of Personal Information that we disclosed about you for a business purpose, and the categories of persons to whom it was disclosed for a business purpose.

You also have the right to request the categories of Personal Information that we sold or shared about you and the categories of third parties to who your Personal Information was sold or shared, and the categories of third parties to whom your Personal Information was sold or shared, by category or categories of Personal Information for each category of third parties to whom your Personal Information was sold or shared.

However, we have not, and currently do not sell your Personal Information we collect. We also have not and do not share Personal Information with third parties for cross-context behavioral advertising. If this changes, we will let you know in advance and provide you with information so that you may understand and exercise your right to opt-out of the future sale or sharing of your Personal Information.

We do not offer an opt-out from the sale of Personal Information because we do not engage in the sale of Personal Information as contemplated by the CCPA. As noted elsewhere in this Notice, we share and disclose Personal Information with other businesses for a variety of reasons.

Right to Correct Inaccurate Personal Information

Right to Know What Personal Information is Sold or Shared and to Whom

Right to Limit Use and Disclosure of Sensitive Personal Information

You have the right to limit how your Sensitive Personal Information is used or disclosed, to that use and disclosure which is necessary to perform the services requested; certain business purposes permitted by the CCPA; and as otherwise authorized by regulations adopted pursuant to the CCPA. We do not collect or process Sensitive Personal Information for purposes of inferring characteristics about you. Therefore, your Sensitive Personal Information is treated as Personal Information.

Right to No Discrimination or Retaliation

You have the right not to be discriminated or retaliated against for exercising your rights guaranteed under the CCPA. Specifically, we may not deny you goods or services; charge you different prices or rates for goods or services; provide you a different level or quality of goods or services; suggest that you receive a different price or rate for goods or services or a different level or quality of goods or services.

How to Exercise Your Rights

To exercise one or more of your rights, free of charge, you or your authorized agent may make a request by emailing us at CCPA-Request@fslins.com with subject line “CCPA Consumer Rights Request” and include the following information:

First Name*

Last Name*

Date of Birth*

Email*

Phone Number*

Address*

City*

State*

ZIP code*

*Required

By submitting a request, you consent to receive phone calls from FSL, at the phone number above, including your wireless number if provided, for purposes of processing your CCPA request.

Or, you may call us at 800-648-8624 and let the operator know you are calling with a “CCPA Consumer Rights Request.” Our hours of operation are 6:30 a.m. to 6:30 p.m. CST, Monday through Friday, except holidays.

If you choose to submit a request through an authorized agent, we will require proof that the authorized agent has your written permission to submit a request on your behalf.

Exceptions to Our Obligations to Provide or Delete Information

You should be aware that our obligations to you are subject to certain important exemptions that will limit the things we are required to provide to or do for you under this law. As previously mentioned, the CCPA does not apply to Personal Information collected pursuant to Gramm-Leach-Bliley Act (GLBA), and health information that falls within the definitions of Personal Health Information (PHI) under the Health Insurance Portability and Accountability Act (HIPAA).

This means that even if you submit a request, we are not required to provide information to you or delete your information if your information is required by us to provide any of the products and services we provide to you. This will likely eliminate or limit the amount of information you receive in response to a request. In addition, we are not obligated to delete information in response to your request if other regulations require us to maintain these records for a period of time. In many instances, that will be the case.

Other situations where we will not, or may not be able to, fulfill some or all of your CCPA request:

If you are not a California resident
If we cannot verify the identity of you or your authorized agent
If we cannot match the data that we have on file to your verified credentials
If we are required or permitted to keep some or all your Personal Information under state or federal laws or regulations

*Please see our HIPAA Notice of Privacy Practices at www.fslins.com for information about how we handle your Personal Information subject to HIPAA.

Changes to This Notice

We may change this notice from time to time. When we do, we will let you know by appropriate means such as by posting the revised notice on our web site with a new “Last updated” date. Any changes to this notice will become effective when posted unless indicated otherwise. For questions or concerns about our privacy policies and practices, please contact:

Privacy Officer
Fidelity Security Life Insurance Company®
3130 Broadway
Kansas City, MO 64111
Phone: 800-648-8624
Email: CCPA-Request@fslins.com

Last updated 1/2024