You are: individual
This California Consumer Privacy Act (CCPA) Privacy Policy and Notice at the time of Collection (“CCPA Notice”) is provided on behalf of Corebridge Financial and other companies controlled by, or under common control with Corebridge Financial, including companies with the Corebridge Financial name or branding (referred to hereinafter as “Corebridge,” “we” or “our”). We are providing this CCPA Notice in accordance with our obligations under applicable law and as part of our commitment to handling your personal information responsibly and transparently. Please review this CCPA Notice to understand our privacy practices, including what personal information we collect, why we collect it, how we collect it, and how you can exercise your rights with respect to your personal information.
This CCPA Notice applies to individuals associated with corporations, partnerships, other non-individual clients, and other non-client individuals who are California residents and whose personal information Corebridge collects. The CCPA Notice should be read in conjunction with any other privacy notices you receive from other Corebridge companies. We refer to any company that is not part of Corebridge as a non-affiliated third party.
This CCPA Notice is not applicable to current and former individual clients of Corebridge who purchased or are seeking to purchase products primarily for personal, family or household use such as life insurance, retirement products etc. If you are an individual client who has obtained or is covered by such a product or service from Corebridge, federal law requires that we provide you with a separate notice at the establishment of the customer relationship and annually thereafter, which explains what personal information we collect and what rights you may exercise with respect to your personal information.
If you are not a California resident or this CCPA Notice does not otherwise apply to you, please refer to https://www.corebridgefinancial.com/privacy-policy for more information about how Corebridge handles personal information.
1. What Personal Information Does Corebridge Collect?
The type of personal information we collect may vary depending on your relationship with us, such as if you are a client, a representative of one of our corporate or institutional clients, or a third party filing a claim. We may have collected the following categories of personal information:
A. Identifiers, such as name, contact information, online identifiers and Social Security numbers and other government-issued ID numbers;
B. Personal information, as defined in the California customer records law, such as insurance policy number, education, employment, employment history, financial information and medical information;
C. Characteristics of protected classifications under California or federal law, such as sex, age, race, religion, national origin, disability, medical conditions and information, citizenship, immigration status and marital status;
D. Commercial information, such as transaction information and history;
E. Internet or network activity information, to the extent you visit our websites or use our software applications, such as browsing history and interactions with our and other websites and systems;
F. Geolocation data, to the extent you use our mobile applications and choose to share your device geolocation data;
G. Audio, electronic, visual, and similar information, such as photographs or video recordings created in connection with our business activities, and recordings of calls to our representatives and call centers;
H. Professional or employment-related information, such as work history, prior employer, information relating to references, details of qualifications, skills and experience, human resources data, and data necessary for benefits and related administration services; and
I. Inferences drawn from any of the personal information listed above to create a profile or summary about, for example, an individual’s preferences and characteristics.
2. What Are Corebridge’s Sources of Personal Information?
We collect the personal information described above directly from you such as through your transactions with Corebridge and our business partners, and your interactions with us on our websites and social media pages. We also collect this personal information from other categories of sources such as publicly available databases, consumer reporting agencies, commercially available sources, third parties authorized by you such as doctors, financial advisors, and prior and current employers, when they share the information with us.
3. How Does Corebridge Use Personal Information?
Depending on your relationship with us, we may use the personal Information described above for the following purposes:
- to operate, manage, and maintain our business, such as to make insurance decisions, communicate with you and others as part of our business, provide our products and services, and maintain records;
- to develop and improve our products and services, such as to undertake quality and safety assurance measures, audit customer interactions, facilitate social sharing functionality, resolve complaints, and evaluate customer service;
- for our employment and vendor management purposes;
- for security purposes, such as to maintain our facilities and infrastructure, protect against malicious, deceptive, or fraudulent activity, and conduct internal investigations;
- for monitoring purposes, such as to establish the existence of facts, maintain compliance with regulatory or self-regulatory practices, or for other purposes permissible under applicable law;
- to perform other necessary and appropriate internal functions, such as accounting and auditing;
- to report to credit bureaus;
- to conduct research, analytics, and data analysis, and for marketing purposes, such as to personalize, advertise, and market our products and services and administer contests and promotions, in accordance with applicable law; and
- to comply with legal and regulatory requirements, defend legal claims, and assist with legal processes such as investigations, and regulatory requests, litigation, and arbitration.
4. How Does Corebridge Share Personal Information?
Due to the size and complexity of our operations, we cannot identify every recipient of your personal information. Depending on your relationship with us, we may share your personal information for the purposes described in Section 3 with the following categories of recipients: entities within the Corebridge family, including subsidiaries and affiliates; insurance and distribution parties; service providers; providers of Internet-connected devices and associated software; governmental authorities and third parties involved in court action; parties to a merger or acquisition; and our business partners or other third parties as may be required and where we have obtained the appropriate authorization.
The following categories of personal information may have been disclosed to the categories of parties listed below:
Categories | Governmental authorities, regulators and third parties involved in legal or similar proceedings | Our business partners such as insurance, reinsurance and distribution parties | Our affiliated group companies | Our service providers/ vendors that support our operations and/or act on our behalf | Parties to a merger/acquisition, in the event that we sell or transfer all or any relevant portion of our business or asset | Any other party where we have first obtained your prior authorization |
---|---|---|---|---|---|---|
Identifiers, such as name, contact information, online identifiers and Social Security numbers and other government-issued ID numbers; | Yes | Yes | Yes | Yes | Yes | Yes |
Personal information, as defined in the California customer records law, such as insurance policy number, education, employment, employment history, financial information and medical information; | Yes | Yes | Yes | Yes | Yes | Yes |
Characteristics of protected classifications under California or federal law, such as sex, age, race, religion, national origin, disability, medical conditions and information, citizenship, immigration status and marital status; | Yes | Yes | Yes | Yes | Yes | Yes |
Commercial information, such as transaction information and history; | Yes | Yes | Yes | Yes | Yes | Yes |
Internet or network activity information, to the extent you visit our websites or use our software applications, such as browsing history and interactions with our and other websites and systems; | Yes | Yes | Yes | Yes | No | Yes |
Geolocation data, to the extent you use our mobile applications and choose to share your device geolocation data; | Yes | Yes | Yes | Yes | No | Yes |
Audio, electronic, visual, and similar information, such as photographs or video recordings created in connection with our business activities, and recordings of calls to our representatives and call centers; | Yes | Yes | Yes | Yes | Yes | Yes |
Professional or employment-related information, such as work history, prior employer, information relating to references, details of qualifications, skills and experience, human resources data, and data necessary for benefits and related administration services; and | Yes | Yes | Yes | Yes | No | Yes |
Inferences drawn from any of the personal information listed above to create a profile or summary about, for example, an individual’s preferences and characteristics | Yes | Yes | Yes | Yes | Yes | Yes |
When we share personal information with a non-affiliated third party, that third party cannot use the information except to perform services for Corebridge, or as may be permitted or required by law.
We do not sell personal information.
5. What Rights Are Available?
If you are a California resident and this CCPA Notice applies to you, you may request that we:
1. Disclose to you the following information covering the 12 months preceding your request:
- The categories of personal information we collected about you and the categories of sources from which we collected such personal information;
- The specific pieces of personal Information we collected about you;
- The business or commercial purpose for collecting personal information about you;
- The categories of personal information about you that we otherwise shared or disclosed, and the categories of third parties with whom we shared or to whom we disclosed such personal information (if applicable).
2. Delete certain personal information we collected from you. In the event that you choose to exercise this right, please note that we may nevertheless retain your personal information as permitted under applicable law, including but not limited to the following purposes:
- To provide goods or services within the context of our relationship with you;
- To detect security incidents or other fraudulent or illegal activity;
- To comply with Corebridge’s legal and regulatory obligations; and
- To enable other uses that are compatible with your expectations or appropriate given the context in which the personal information was collected.
In order to make either of the requests listed above, please contact us using either of the methods below:
(1) Call 1-800-344-8209; or
(2) Submit a request via the web links below:
a. Policy/Contract/Account Owners, Claimants, Insurance Applicants, Beneficiaries, etc. at AIG CCPA Customer Link
b. Agents, Brokers, Registered Representatives, etc. at AIG CCPA Agent Link
Either method will include instructions about how to submit a verifiable request, which will require that you or your authorized representative provide certain identifying information. For policy/contract owners, we request that you provide as much of the following information as possible so that we can locate you in our records:
1. Relationship to the Company – policy/contract/account owner, claimant, insurance applicant, beneficiary;
2. Request type – receive details on Personal Information, delete Personal Information, obtain copies of Personal Information;
3. First and last name;
4. Date of birth;
5. Email address;
6. Address, including state;
7. Telephone number;
8. Policy/Contract/Claim/Certificate/Quote number; and
9. Product name.
We will also ask you to certify under penalty of perjury by typing your name in the electronic form that you are the individual or the authorized representative of the individual whose information is the subject of the request. We may follow up with you for more information if necessary. If we do not receive this information, we will close your request due to our inability to verify your identity.
Authorized representatives will also be required to provide proof of their authority to act on your behalf by uploading relevant documents to the online form, such as a court order or a written power of attorney. If an authorized representative submits a request on your behalf, we will contact you to confirm their representation. If we are unable to verify your identity, or confirm that you have authorized the request, we may not be able to respond to your request in full.
Under California law, you are entitled to exercise your rights without experiencing any discriminatory treatment.
Changes to this CCPA Notice
We may change or update this CCPA Notice from time to time. When we do, we will post the revised CCPA Notice on this page with a new “Last Updated” date.