This Privacy Policy (“Policy”) describes how Chubb Group of Insurance Companies, and our brands, affiliates, and subsidiaries (“Chubb,” “we,” “us” and “our”) collect, use, and disclose your information, including Personal Information, when you visit our websites, including www.chubb.com (the “Sites”), download our mobile applications, or use any of our products or services that link to or otherwise reference this Policy (collectively, the “Services”). This policy does not apply to www.combinedinsurance.com (except when Combined insurance products are sold under the Blink℠ by Chubb brand), www.rainhail.com, or www.streamlabswater.com, nor to any non-Chubb websites or mobile applications that you may access via the Services. Those websites and services are governed by the privacy policies that appear on those sites and applications. Depending upon your relationship with us, you may receive other privacy notices from us providing additional detail about our privacy practices. If you are a California resident, please see the Additional Notice to California Residents below for more information.
Your use of the Services is subject to this Policy and the Chubb Terms of Use, including applicable terms of limitations on liability and the resolution of disputes.
We collect information that identifies, describes, or is reasonably capable of being associated with you (“Personal Information”). Personal Information does not include publicly available information, such as information lawfully made available from government records, information we have a reasonable basis to believe is lawfully made available to the general public by you or by widely distributed media, or by a person to whom you have disclosed the information and not restricted it to a specific audience, or deidentified or aggregated information.
As described below, we collect Personal Information directly from you, automatically through your use of the Sites and Services, and from third-party sources. To the extent permitted by applicable law, we may combine the information we collect from publicly available or third-party sources. The Personal Information we collect varies based on your relationship with us.
Personal Information We Collect Directly From You
In order to access certain Services, we may collect Personal Information directly from you, including throughout the quoting, application, or claims handling processes. The Personal Information you provide directly to us may include:
Personal Information We Collect Automatically
As described below in the “Cookies and Other Tracking Mechanisms” section, when you visit our Sites or use our Services, we may automatically collect certain Personal Information, including:
Personal Information We Collect from Other Sources
We may collect information about you through our affiliates, business partners, and vendors, including from administrators, adjusters, agents, brokers, or other representatives who provide services or products on our behalf. For example, we may collect information about your policies, including coverage or claim information, through these sources. We may also receive information from consumer reporting agencies, including motor vehicle reports or information about your credit or creditworthiness, and from other, publicly available sources.
We may use the Personal Information we collect for the following purposes:
We also may use automated processes and combine or aggregate any of the information we collect through the Services or elsewhere for any of these purposes or for analyzing usage statistics and trends.
When permitted by applicable law, including in cases that require your consent, we may disclose your Personal Information to our affiliates, business partners, vendors and services providers, and others as follows:
We also may disclose your Personal Information in the following circumstances:
Chubb may collect Social Security numbers (“SSNs”) in the course of our business. We strive to protect the confidentiality and security of SSNs in our possession, custody or control by: (i) limiting access to SSNs and (ii) maintaining reasonable administrative, technical and physical safeguards to protect against the loss, misuse or unlawful disclosure of SSNs. We do not share SSNs for marketing purposes.
We and our third-party service providers use cookies, pixels, tags, and other similar tracking mechanisms to automatically collect information about browsing activity, type of device and similar information within our Services and to target advertising and content across our Services and third-party sites and services. We use this information to, for example, analyze and understand how users access, use and interact with others through our Services, as well to identify and resolve bugs and errors in our Services and to assess, secure, protect, optimize and improve the performance of our Services.
Cookies. “Cookies” are alphanumeric identifiers we transfer to your device’s hard drive through your web browser for tracking purposes. Some cookies allow us to make it easier for you to navigate our Services, while others are used to enable a faster log-in process, support the security and performance of the Services, or allow us to track activity and usage data within our Service.
Clear GIFs, Pixel Tags, and Other Technologies. In addition to cookies, we may also use pixel tags (sometimes called web beacons or “clear GIFs”) to collect information about you and your use of our Services. While cookies are stored locally on your device, pixel tags are embedded invisibly within web pages and online content. We may use these, in connection with our Services to, among other things, track the activities of users, help us manage content and compile usage statistics. We may also use these in HTML e-mails we send, to help us track e-mail response rates, identify when our e-mails are viewed, and track whether our e-mails are forwarded.
Third-Party Analytics and Tools. We use third party tools, such as Google Analytics, which are operated by third party companies. These third-party analytics companies may collect usage data (using cookies, pixels and similar tools) about our Services in order to provide us with reports and metrics that help us evaluate usage of our Services, improve our Sites, and enhance performance and user experiences. To learn more about Google’s privacy practices, please review the Google Privacy Policy at https://www.google.com/policies/privacy/partners/. You can also download the Google Analytics Opt-out Browser Add-on to prevent your data from being used by Google Analytics at https://tools.google.com/dlpage/gaoptout.
Cross-Device Tracking. We and our third-party providers may use the information that we collect about you within our Services and on other third-party sites and services to help us and these third parties to identify other devices that you use (e.g., a mobile phone, tablet, other computer, etc.).
Targeted Advertising. We work with third parties, such as ad networks, channel partners, mobile ad networks, analytics and measurement services and others ("Advertising Providers") to personalize content and display advertising within our Services. We and our Advertising Providers may use cookies, pixels tags, session replay and other tools to collect information within our Services such as IP address, location information, device ID, cookie and advertising IDs, and other identifiers, as well as browsing information such as web pages, videos and other content accessed by you. We and our Advertising Providers use this information to provide you more relevant ads and content within our Services, and to evaluate the success of such ads and content.
Do Not Track. We do not currently respond to web browser “Do Not Track” signals.
We make available several ways for you to manage choices about your Personal Information, including preferences regarding cookies, advertising, whether you want to receive marketing and promotional emails from us, and choices regarding your account and profile information.
Our Services are not designed for children, and we do not knowingly collect Personal Information from children under the age of thirteen (13). If we learn that we have received information directly from a child who is under the age of 13, we will delete such information from our systems. If you are a parent or legal guardian and you believe we have collected your child’s information in violation of applicable law, please contact us using the contact information below.
When you use our Services, you may find links to other websites that we do not own or control. We are not responsible for the privacy practices of these other sites, including their collection of your Personal Information. You should review the terms and conditions and privacy policies of these other sites before providing your information.
We may offer blogs, online forums or other interactive features in connection with our Services that enable you to share information about the Services or other issues of interest. You should be aware that any communications you submit or post to any such interactive features on the Services may be viewable by other participants or users. By submitting or posting to such interactive features you acknowledge and agree that you have no expectation of privacy or confidentiality in the content you submit for such features, whether or not it contains Personal Information about you.
We have implemented safeguards designed to protect Personal Information from loss, misuse, and unauthorized access, disclosure, alteration, and destruction. Please be aware that despite our efforts, no data security measures can guarantee security.
This Policy is current as of the Effective Date set forth above. We may change this Policy at any time and from time to time. Any amendments or modifications to this Policy will become effective immediately upon posting. We will let you know of amendments or modifications by appropriate means such as by posting the revised statement on this page with a new “Last Updated” date. Your continued use of any of our Services following the posting of a revised version of this Policy will constitute your acceptance of the revised Policy. If you do not agree with the revised Policy, do not use any of our Services.
If you have questions about this Policy or our privacy practices, please contact us using the contact information provided below.
Chubb Group
Attention: Privacy Inquiries
202 Hall’s Mill Road, P.O. Box 1600
Whitehouse Station, NJ 08889-1600
Telephone: 1-800-258-2930
E-mail: privacyinquiries@chubb.com
By using the Services or by consenting using a consent mechanism where provided you signify your consent to this Policy and this site’s Terms of Use. If you do not agree to this Policy or the site’s Terms of Use, please do not use the Services. The Services are not for use within any country or jurisdiction or by any persons where such use would constitute a violation of law. If this applies to you, you are not authorized to access or use any of the Services.
If you would like to exercise your rights under the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 ("CCPA"), please visit us at our Data Subject Request web page or call us at the following toll-free telephone number 1-833-3249798.
You can find Chubb's CCPA Notice at Collection below.
This section of our Privacy Policy provides additional information for California residents pursuant to the CCPA and applies to "Personal Information" as defined in the CCPA, whether collected online or offline. This section of our Privacy Policy applies to www.chubb.com and other websites or mobile applications that link to this Privacy Policy (the “Services”), as well as offline activities where California residents are directed to this section of the Privacy Policy. It does not apply to www.combinedinsurance.com (except when Combined insurance products are sold under the Blink℠ by Chubb brand), www.rainhail.com, www.streamlabswater.com and any non-Chubb websites or mobile applications that you may access via the Services. Those services are governed by the privacy policies that appear on those sites and applications. As used in this section of our Privacy Policy, “Personal Information” means any information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular California resident or household.
Service Provider
Some Chubb business units and groups act as service providers under the CCPA. This means that they collect and use Personal Information on behalf of another company (for example, where ESIS, a wholly-owned subsidiary of Chubb, provides claims management services to third party insurers and insureds). Where your Personal Information is processed by ESIS or another Chubb company acting as a service provider, that other company’s privacy policy will explain its privacy practices, and you should submit any request to exercise CCPA rights directly to that company. Please note that in some instances, ESIS and other Chubb companies or business units may be acting as a service provider for other members of the Chubb Group of Insurance Companies, and, in those instances, this section of the Policy will apply. If you make a request to exercise CCPA rights to Chubb where it acts as a service provider under the CCPA, we may be required to disclose your request to the relevant company.
Personal Information Not Covered by this California Section of the Privacy Policy
There are a number of exemptions from the application of the CCPA. The following sets out some of the categories of Personal Information that are not subject to the CCPA, and therefore are not covered by this California section of the Privacy Policy. Note that other sections of the Privacy Policy may still apply in addition to other privacy notices that we may issue addressing our specific relationship with you, including privacy notices that are sent to individuals.
The following identifies the categories of Personal Information we may collect about you (and may have collected in the prior 12 months). Note that our collection, use and disclosure of Personal Information about you will vary depending upon the circumstances and nature of our interactions or relationship with you. Depending on how you use our Services, we may collect the following categories of Personal Information:
Sources of Personal Information
We generally collect Personal Information from the following categories of sources:
Purposes for Collecting and Disclosing Personal Information
As described in the “How We Use Personal Information” section above, in general, we collect and otherwise process the personal information we collect for the following business or commercial purposes:
Sensitive Personal Information
Notwithstanding the purposes described above, we do not collect, use, or disclose “sensitive personal information” beyond the purposes authorized by the CCPA. Accordingly, we only use and disclose sensitive personal information as reasonably necessary and proportionate: (i) to perform our services requested by you; (ii) to help ensure security and integrity, including to prevent, detect, and investigate security incidents; (iii) to detect, prevent and respond to malicious, fraudulent, deceptive, or illegal conduct; (iv) to verify or maintain the quality and safety of our services; (v) for compliance with our legal obligations; (vi) to our service providers who perform services on our behalf; and (vii) for purposes other than inferring characteristics about you.
Retention of Personal Information
We retain the Personal Information we collect only as reasonably necessary for the purposes described in this Privacy Policy or otherwise disclosed to you at the time of collection. For example, we will retain certain identifiers for as long as it is necessary to comply with our tax, accounting and recordkeeping obligations, to administer certain policies and coverage, and for research, development and safety purposes, as well as an additional period of time as necessary to protect, defend or establish our rights, defend against potential claims, and to comply with our legal obligations. From time to time, we may also deidentify your Personal Information, retain it and use it for a business purpose in compliance with CCPA.
Disclosure of Personal Information to Third Parties and Other Recipients
The categories of Personal Information we have disclosed for a business purpose in the preceding twelve (12) months include: identifiers, online identifiers, customer records, financial information, characteristics of protected classifications, usage data, biometric information, education information, geolocation data, audio, video, and other electronic data, professional or employment-related information, inferences, and sensitive personal information.
The categories of third parties and other recipients to whom we may disclose personal information for a business purpose may include:
Additionally, the CCPA defines “sale” as disclosing or making available personal information to a third-party in exchange for monetary or other valuable consideration, and “sharing” includes disclosing or making available personal information to a third-party for purposes of cross-contextual behavioral advertising. While we do not “sell” Personal Information, we may “share” the following categories of Personal Information: online identifiers, and usage data. We disclose this information to third-party advertising networks, analytics providers, and social networks for purposes of marketing and advertising. We do not sell or share “sensitive personal information,” nor do we sell or share any Personal Information about individuals who we know are under sixteen (16) years old.
Rights Regarding Your Personal Information
The CCPA provides California residents with specific rights regarding Personal Information. This section describes your rights under the CCPA and explains how to exercise those rights. Subject to certain exceptions, California consumers have the right to make the following requests:
Right to Know. With respect to the Personal Information we have collected about you in the prior (twelve) 12 months, you have the right to request from us (up to twice per year and subject to certain exemptions and carveouts):
Right to Correct. Subject to certain restrictions, you have the right to request that we correct inaccuracies in your Personal Information.
Right to Delete. Subject to certain conditions and exceptions, you have the right to request deletion of your Personal Information that we have collected about you.
Right to Opt-Out. You have the right to opt-out of “sales” and “sharing” of your Personal Information, as those terms are defined under the CCPA. While we do not “sell” Personal Information, our use of certain third-party analytics and advertising cookies may constitute “sharing” under the CCPA. To exercise your right to opt-out of the “sharing” of your Personal Information, please use the Do Not Sell or Share My Personal Information link at the bottom of our Site.
You also have the right to opt-out of “sales” and “sharing” of your Personal Information through the use of an opt-out preference signal. If our Site detects that your browser or device is transmitting an opt-out preference signal, such as the “global privacy control”—or GPC— signal, we will opt that browser or device out of cookies on our Site that result in a “sale” or “sharing” of your Personal Information. If you come to our Site from a different device or from a different browser on the same device, you will need to opt-out, or use an opt-out preference signal, for that browser and/or device as well.
Right to Limit Use and Disclosure of Sensitive Personal Information. We do not engage in uses or disclosures of Personal Information that would trigger the right to limit use of sensitive personal information under the CCPA.
Right to Non-Discrimination. We will not discriminate against you for exercising any of the rights described in this section.
Exercising Your Rights
If you are a California resident and would like to exercise your CCPA rights, you may do so via any of the methods described below:
Authorized Agent. You may designate someone as an authorized agent to submit requests and act on your behalf. Authorized agents will be required to provide proof of their authorization in their first communication with us, and we may also require that you directly verify your identity and the authority of your authorized agent.
Businesses operating as an authorized agent on behalf of a California resident must provide both of the following:
(1) Certificate of good standing with its state of organization; and
(2) A written authorization document, signed by the California resident, containing the California resident’s name, address, telephone number, and valid email address, and expressly authorizing the business to act on behalf of the California resident.
Individuals operating as an authorized agent on behalf of a California resident must provide a written authorization document, signed by the California resident, containing the California resident’s name, address, telephone number, and valid email address, and expressly authorizing the individual to act on behalf of the California resident.
We reserve the right to reject (1) authorized agents who have not fulfilled the above requirements, or (2) automated CCPA requests where we have reason to believe the security of the requestor’s personal information may be at risk.
Verification. Before responding to your request, we must first verify your identity using the Personal Information you recently provided to us. The information we need in order to verify your identity differs depending on the request made and our relationship with you and might include (as applicable) your name, the email address you regularly use to interact with us, your phone number, your date of birth, and, if available, your policy number. We will take steps to verify your request by matching the information provided by you with the information we have in our records. In some cases, we may request additional information to verify your identity, or where necessary to process your request. In some cases, we may also carry out checks, including with third party identity verification services, to verify your identity before taking any action with your Personal Information. If we are unable to verify your identity after a good faith attempt, we may deny the request and, if so, will explain the basis for the denial.
Contact Us
If you have any questions or comments about this section of the Privacy Policy, the ways in which we collect and use your Personal Information, your choices and rights regarding such use, or wish to exercise your rights under California law, please do not hesitate to contact us at:
Chubb Group
Attention: Privacy Inquiries
202 Hall’s Mill Road, P.O. Box 1600
Whitehouse Station, NJ 08889-1600
Telephone: 1-833-324-9798
E-mail: NAPrivacyOffice@chubb.com