Privacy Policy

First Acceptance Corporation (hereafter “Acceptance”) values you as a customer and respects your right to privacy.  You have our commitment to treat your personal and private information responsibly.  This policy is provided on behalf of Acceptance and its affiliates. First Acceptance Insurance Company, Inc.; First Acceptance Insurance Company of Georgia, Inc.; First Acceptance Insurance Company of Tennessee, Inc.; First Acceptance Services, Inc.; Acceptance Insurance Agency of Tennessee, Inc.; and Transit Automobile Club.

This is a PRIVACY NOTICE FOR CALIFORNIA RESIDENTS and applies solely to visitors, customers, users and others who reside in the State of California (“consumers” or “you”).  Acceptance adopts this notice to comply with the California Consumer Protection Act of 2018 (“CCPA”) and its amendments other California privacy laws. Any terms defined in the CCPA have the same meaning when used in this notice.

Information We Collect

We collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device (“personal information”). In particular, we have collected the following categories of personal information from consumers within the last twelve (12) months:

I. Personal Information

EXAMPLES (Acceptance does not collect all categories of information listed below as examples)

A. Identifiers (Collected)

First name, maiden name, last name, alias, physical address, e-mail address, telephone number, social media profile, social media address, username, unique personal identifier, online identifier, Internet Protocol (IP) address, device IDs, account name, Social Security number, driver’s license number, passport number, and other similar identifiers.

B. Personal Information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)) (Collected)

A name, signature, Social Security number, driver’s license number, address, telephone number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, and medical information.

Some personal information included in this category may overlap with other categories.

C. Protected classification characteristics under California or federal law (Collected)

Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions) sexual orientation, veteran or military status, genetic information (including familial genetic information).

D. Commercial Information (Collected)

Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies, such as details about payments to and from you, detailed regarding the services you have subscribed to or purchased, and details about your company or organization (such as contact information and website URL).

E. Biometric information (Not Collected)

Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.

F. Internet or other similar network activity (Collected)

Login data, browsing history, search history, access dates and times, browser type and version, device information, cookie data, browser plug-in types and versions, and operating system and platform and other technology on the devices used to access the Website, and other similar information on a consumer’s interaction with a website, application, or advertisement.

G. Geolocation data (Collected)

Physical location or movements, and time zone setting and approximate location; latitude and longitude.

H. Professional or employment-related information (Collected)

Current or past job history or performance evaluations, job searches, candidate searches, job applications, and any information provided in a resume/CV or job seeker profile (including, but not limited to, executive summary, objective, and education).

I. Sensory data (Collected)

Audio, electronic, visual, thermal, olfactory, or similar information.

J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)) (Not Collected)

Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as, grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.

K. Inferences drawn from other personal information (Collected)

Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. Inferences used to reflect a consumer’s preferences or behavior on our website.

II. Non-Personal Information

Acceptance collects, uses, and shares de-identified and/or aggregated consumer information, which is not considered personal information. Deidentified or aggregated data may be derived from your personal information, but is not considered personal information under CCPA, since it does not directly or indirectly reveal your identity.  For example, we may aggregate your internet or other similar network activity to calculate the percentage of users accessing a specific website feature.

Personal information also does not include publicly available information from government records, and other information excluded from the CCPA’s scope, like health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data, or personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FCRA), the Gramm-Leach-Bliley Act (GLBA), or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994.

III. Sources of Personal Information

We obtain the categories of personal information listed above from the following categories of sources:

A. Directly From You. For example, information we collect about you when you fill in forms, like quotes, applications or other documents, create an account, or correspond with us or our agents by post, phone, e-mail, or otherwise, including your name, address, e-mail address, age, social security number, driving history, property history, and health information.

B. Indirectly From You. For example, information through automated technologies or your transactions and interactions with us, our agents, affiliates, or others while providing you services, including your account balance and payment history, and observing your activity on our website.

C. Third Parties.

1. For example, information we receive from outside sources such as consumer reporting agencies, insurance agencies, and state motor vehicle departments. This may include your credit history, credit score, driving and accident history, or prior insurance coverage you have obtained, including claim history, information related to claims for benefits or coverage under a policy we issue, whether or not you are a customer. In relation to your health insurance business or medical-related claims, we may receive information from physicians, hospitals, medical professionals, other health care providers, and other sources related to health care and health history.  Please note that information obtained from outside sources may be retained by those outside sources and disclosed to other persons without our knowledge.

2. For example, information received from outside sources for data integration services and support of our digital marketplace.  This may include anonymization services to protect your personal information, lead sources and aggregators, social media, advertising, data analytics providers, or other advertising networks or service providers, other third-party sites, web browsers, and search engines.

3. For example, information about your computer hardware and software that we, or our service provider, may collect if you contact our website directly or through another website or link. This information can include: your IP address, browser type, device type, device information, domain address, access times, geographic location, your online activities and referring website address. When you visit our website, we use cookies, web beacons, and other technology to collect information about you and your activities on our website to provide services to you, enhance your online experience, and advertise our products and services. This information is also used for the operation of the website, to maintain quality of the website, and to provide general statistics regarding use of our website.

Use and Sharing of Personal Information

We disclose Personal Information to our business affiliates and partners, vendors, service providers, advertisers, and other third parties to provide you with superior service and to inform you of product and service opportunities that may be of interest to you. We may share any of the nonpublic Personal Information we collect about you and your accounts, as described above, as permitted by law. Our sharing of information about you is subject to your rights, detailed in this policy. We may use or disclose the Personal Information we collect for one or more of the following business purposes including the examples noted below:

A. To perform services, such as 1) fulfill the reason for which you provided us the information, such as quoting premiums, underwriting insurance, servicing insurance policies, and adjusting claims; 2) provide you with information, products or services that you request from us or any of our authorized representatives, such as insurance agents and claims adjusters; 3) to provide you with email alerts, web portal registrations, and other related information or news that may be of interest to you; and 4) to carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collections.

B. Security, such as to protect the rights, property, or safety of us, our clients, or others necessary or appropriate.

C. Certain Short-term uses, such as to improve our interactions with you and other consumers, e.g., during visits to one of our websites or when providing digital content.

D. Auditing, such as 1) to improve our website and operational procedures; 2) enhance your experience with our products and communication; and 3) to provide required information for internal and external audits for regulatory, legal, financial, technical, and operational compliance.

E. Internal Research for Technical Development, such as 1) for developing new technological solutions, improving efficiency and effectiveness of operations, and maintaining products at or above industry standards; and 2) to improve customer experience when interacting with staff and utilizing our services.

F. Debugging, such as identifying and repairing errors in our products, services, and related systems.

G. Quality and Safety Maintenance and Verification, such as 1) to assure accessibility and usability of our services and products as required by state and federal law; and 2) to comply with data security and privacy standards and protect sensitive information from unauthorized access.

H. Operational and Other Purposes, such as 1) to participate, as permitted by law, in academic and non-profit policy research; 2) to respond to law enforcement or regulatory agency requests, as required by applicable law, court order, or government regulations; 3) to evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets or subsidiaries, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Information held by us is among the assets transferred; 4) to fulfill the purpose as otherwise described to you at the time we collected your Personal Information, or as otherwise set forth in the CCPA; and 5) to fulfill any of the above purposes on your behalf, we may disclose your Personal Information to other businesses or government agencies, such as i) financial service providers, like credit card issuers, insurance companies, and insurance agents; ii) non-financial companies, like credit reporting agencies, manufacturers, motor vehicle dealers, management companies, attorneys in fact, and telecommunication companies; iii) companies that perform business or professional services, like printing, mailing, data processing, analysis, or customer survey services, on our behalf; and iv) other companies we do business with to offer or provide financial products and services.

We will not collect additional categories of personal information or use the personal information we collect for materially different, unrelated, or incompatible purposes without providing you notice.

Disclosure / Sale of Personal Information

Regardless of your age, Acceptance does not sell your Personal Information regulated by CCPA. Federal and state laws have strict regulations about sharing and selling financial and insurance related nonpublic Personal Information.

Your Rights

The CCPA provides California residents with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.

I. Right to Know / Access

You have the right to know specific things about CCPA-regulated Personal Information that we have about you. You can request that we disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and confirm your verifiable consumer request, we will disclose to you:

A. The categories of personal information we collected about you.

B. The categories of sources for the personal information we collected about you.

C. Our business or commercial purpose for collecting or selling that personal information.

D. The categories of third parties with whom we share that personal information.

E. The specific pieces of personal information we collected about you (also called a data portability request).

F. If we sold or disclosed your personal information for a business purpose, two separate lists disclosing:

1. sales, identifying the personal information categories that each category of recipient purchased; and

1. disclosure for a business purpose, identifying the personal information categories that each category of recipient         obtained.

II. Right to Request Deletion of Personal Information

You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.

We may deny your deletion request if retaining the information is necessary for us or our service providers to:

1. Complete the transaction for which we collected the personal information, provided a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.

1. Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.

1. Debug products to identify and repair errors that impair existing intended functionality.

1. Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.

1. Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.).

1. Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other appliable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.

1. Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.

1. Comply with a legal obligation.

1. Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

Instructions for submitting a verifiable consumer request and how we verify the request are provided below in section V, Exercising Access, Data Portability, Deletion, and Opt-Out Rights.

III. Right to Non-Discrimination for the Exercise of Your Privacy Rights

We will not discriminate against you for exercising any of your CCPA privacy rights. Unless permitted by the CCPA, we will not:

1. Deny you any goods or services.
2. Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
3. Provide you a different level of quality of goods or services.
4. Suggest that you may receive a different price or rate for goods or services or a different level of quality of goods or services.

IV. Right to Opt-Out

You have multiple rights that, when exercised, limit our disclosure of your Personal Information, including the following:

1. The right to prohibit certain businesses from selling their Personal Information to third parties.
2. The right to limit our sharing of your information across our affiliates for marketing products and services, in some cases. This means you can prohibit the Acceptance company with whom you have an account from sharing your information with some of our affiliates for their own marketing purposes.

With your prior consent, we will share your Personal Information with our trusted network of partners to help you obtain information that you have requested. For example, we do this when you submit your information to us to obtain insurance quotes. Additionally, some information sharing is permitted by law and is necessary to run our everyday business, such as to process your transactions, maintain your account(s), respond to court orders and legal investigations, or report to credit bureaus. However, federal law also gives you the right to limit some of your information, like credit worthiness, from being shared between affiliates for everyday business purposes.

If you choose to limit our sharing as allowed above, your choice will be applied to your policy and the personal information of the individuals covered by it. You may make your choice to opt out at any time. However, if we do not hear from you, we may share some of your information with affiliates and with other companies with whom we have contracts to provide products and services.

V. Exercising Access, Data Portability, Deletion, and Opt-Out Rights

To exercise the access, portability, deletion, or opt-out rights described above, please submit a verifiable consumer request to us by either:

1. Calling us at: 800.297.2498

1. Emailing: compliance@firstacceptance.com

1. Mailing: First Acceptance Corporation, 3813 Green Hills Village Drive, Nashville, TN 37215, ATTN: Compliance Department

1. Online: firstacceptance.com/legal/privacy-request

Only you or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child.

You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:

1. Provide sufficient information that allows us to reasonably verify you are the person or an authorized representative of the person we collected personal information on.
2. Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm personal information relates to you. Making a verifiable consumer request does not require you to create an account with us. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

VI. Response Timing and Format

We endeavor to respond to a verifiable consumer request within 45 days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option. Any disclosure we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, it applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

Changes to Our Privacy Notice

We reserve the right to amend this privacy notice at our discretion and at any time. When we make changes to this privacy notice, we will notify you by email or through a notice on our website homepage.

Contact For More Information

If you have any questions or comments about this notice, our Privacy Policy, the ways in which we collect and use your personal information, your choices and rights regarding such use, or wish to exercise your rights under California law, please do not hesitate to contact us at:

Phone: 800.297.2498

Email: compliance@firstacceptance.com

Mail: First Acceptance Corporation, 3813 Green Hills Village Drive, Nashville, TN 37215, ATTN: Compliance Department

Website: firstacceptance.com

Online: firstacceptance.com/legal/privacy-request

This policy was last updated on February 2, 2023.