California Consumer Privacy Act Rights

Effective: January 1, 2020

Last Updated: January 2022

If you are a California resident, you may have rights under the California Consumer Privacy Act. Please review those rights below and the FAQs that follow.

A. Collection of Information

B. Sources of Information

C. Purposes of Collection of Information

D. Sharing of Information

E. Your Consumer Rights

F. Authorized Agent

G. Revisions

H. Contact Us

I. Frequently Asked Questions

A. Collection of Information

Nationwide may collect the following categories of personal information about you, such as when we provide you with our products or services:

Personal identifiers, such as name, address, and Social Security number;
Protected classifications, such as medical conditions or military or veteran status;
Commercial information, such as products or services purchased, consumer report information, and information from transactions;
Biometric information, such as your voiceprint when you call our call centers;
Internet, browsing, or other network information, such as internet protocol address, session ID, click or touch stream data, movement, scroll, and in some cases, keystroke activity;
Telematics data (excluding geolocation data) are collected in connection with our telematics discount or usage-based pay-per-mile insurance programs;
Geolocation data are collected in connection with your use of our websites or mobile apps;
Audio recordings, such as call center recordings;
Professional or employment information, such as information collected from job applications and resumes;
Education information, such as information collected from job applications, transcripts, or resumes; and
Inferences, such as those drawn from credit reports or motor vehicle reports or from clickstream data.

B. Sources of Information

The following are the categories of sources of personal information we collect about you:

We may collect personal identifiers from you, publicly available databases, data aggregators, advertising networks, internet service providers, data analytics providers, government entities, operating systems and platforms, social networks, and data brokers, and other third parties from whom we have purchased data;
We may collect protected classifications information from you or from medical providers;
We may collect commercial information from you directly or from your use of our websites or mobile apps, from credit reporting companies, and from consumer reporting companies;
We may collect biometric information (your voiceprint) from you directly when you call our call centers;
We may collect internet, browsing, or other network activity from your use of our websites, mobile apps, or telematics devices;
We collect telematics data (excluding geolocation data) from your use of telematics devices;
We may collect geolocation data from your use of our mobile apps or in connection with your use of our websites;
We may collect audio recordings when you call our customer service call centers;
We may collect professional or employment information from job applications, resumes, or recruiters;
We may collect education information from job applications, transcripts, resumes, or recruiters; and
We may collect inferences from your use of our websites, telematics devices, our mobile apps, or from information provided by credit or consumer reporting companies if you have applied for a financial product or service.

C. Purposes of Collection of Information

We collect and use personal information for our business purposes. For all categories of personal information listed in this policy, these business purposes include:

Auditing;
Detecting security incidents;
Protecting against and prosecuting malicious, deceptive, or illegal activity (such as fraud);
Debugging;
Short-term, transient use of personal information;
Performing services on behalf of Nationwide, another business, or a service provider (such as maintaining or servicing accounts or providing customer service);
Undertaking internal research; and
Verifying or maintaining the quality or safety of a service or device or improving a service or device.

Other examples of the business purposes include the following:

Personal identifiers are collected and used to respond to questions, requests, social media messages, and emails, track insurance applications, provide customer service, market and provide products and services to you, set up, manage and service policies and accounts, conduct website or other surveys, verify your identity, and update our records;
Protected classifications are collected and used to provide products and services to you;
Commercial information is collected and used to offer our SmartRide Program or other telematics or usage-based insurance programs to you, market products or services to you, and help predict your future claims;
Biometric information (your voiceprint) is collected and used for fraud prevention or authentication purposes;
Internet, browsing, or other network activity is collected and used to conduct website and mobile app analysis, conduct research and analytics, develop and improve our websites and mobile apps, market and provide products or services to you, manage our online advertising and its effectiveness, remember your preferences and interactions, respond to questions and emails, manage and service policies and accounts, conduct website and other surveys, fraud prevention, and offer our SmartRide Program or other telematics or usage-based insurance programs to you;
Telematics data (excluding geolocation data) are collected and used to offer our telematics discount or usage-based pay-per-mile insurance programs, and the telematics data collected in connection with these programs are only used for determining actual miles driven;
Geolocation data are collected and used to, conduct website and mobile app analysis, develop and improve our websites and mobile apps, and market products or services to you;
Audio recordings are collected and used to improve customer service;
Professional or employment information is collected and used to process job applications and offers or denials of employment;
Education information is collected and used for processing and evaluating your job application and related materials; and
Inferences are collected and used to market products or services to you, improve our services and products, and help predict your future claims.

We also collect and use all categories of personal information listed in this policy to comply with our legal obligations including to comply with law enforcement or government authority requests, participate in judicial proceedings, and investigate fraudulent activity, resolve disputes, enforce our agreements, provide you with our products or services you have purchased, for everyday servicing purposes, and as otherwise described to you at the point of collection.

We share your personal information for the business purposes listed above and for the following reasons:

Personal identifiers may be shared with entities that provide us with customer service, account setup, account management and servicing, and data verification services;
Protected classifications information may be shared with entities that provide us with services to provide products and services to you;
Commercial information may be shared with entities that help us offer our SmartRide Program or other telematics or usage-based insurance programs to you, help market products or services to you, and help predict your future claims;
Your biometric information (voiceprint) may be shared with our service providers to assist in authentication and to service your account;
Internet, browsing, or other network information may be shared with entities that assist us with conducting website and mobile app analysis, conducting research and analytics, developing our websites and mobile apps, collecting information about our website and mobile app usage and email responses, marketing and providing products or services to you, managing our online advertising and its effectiveness, responding to questions and emails, managing and servicing policies and accounts, and helping to offer our SmartRide Program or other telematics or usage- based insurance programs to you;
Telematics data (excluding geolocation data) may be shared with entities that assist us in providing our telematics discount or usage-based pay-per-mile insurance programs;
Geolocation data may be shared with entities that assist us in providing our telematics discount or usage-based pay-per-mile insurance programs to you, conducting website and mobile app analysis, developing our websites, mobile apps, or insurance programs, and marketing products or services to you;
Audio recordings may be shared with entities that provide us with services to improve customer service or for authentication or fraud investigation purposes;
Professional or employment information may be shared with recruiters or with entities that help us with processing job applications or offers or denials of employment;
Education information may be shared with entities that provide us with human resources, job application, or recruitment services; and
Inferences may be shared with entities that provide us with services to market products or services to you and help predict your future claims.

Nationwide may also share all categories of personal information as part of corporate transactions, such as mergers, acquisitions, or divestitures, as well as with our affiliates and subsidiaries. We may be required to share all categories of personal information with law enforcement, regulatory agencies, or litigants based on enforceable requests for this information.

We do not sell personal information of California consumers. We, our service providers, and third parties such as advertising, social media, and analytics companies may, however, use cookies and related tracking technologies such as web beacons, pixel tags, and flash objects (collectively “Cookies”) to collect information about your visits to our website and third-party websites and then use that information to deliver advertisements relevant to your interests. Information collected about you on our website by third parties could be combined with other information that you’ve provided to them or that they’ve collected from your use of their services. To opt out of the collection of your personal information using cookies and other tracking technology for advertising purposes, you can modify your cookies settings using the cookie preference center located on www.nationwide.com You can also opt out of cookies through your web browser. Please refer to the help section of your browser or mobile device for more information.

We do not knowingly collect, disclose, or sell the personal information of consumers under 16 years of age.

E. Your Consumer Rights

You may have a right to notice, opt out, non-discrimination, access, and deletion.

Notice. You have the right to know about the personal information collected, used, disclosed, or sold. This policy is intended to satisfy that right.
Opt-out. While you have the right to direct us not to sell your personal information to third parties, Nationwide does not sell your personal information. Therefore, there is no need for you to opt out of the sale of your personal information.
Non-discrimination. You have the right not to be discriminated against for exercising any of the rights in this section. We do not use the fact that you have exercised or requested to exercise any CCPA rights for any purpose other than facilitating a response to your request.
Access. You have the right to access your personal information. You may make a request to access using the personal information access request webform to request access to your personal information or call 1-844-541-4300 (12 p.m. – 6 p.m. ET, weekdays).
Deletion. You have the right to request that we delete the personal information we have collected about you. You may use the personal information deletion request webform personal information deletion request webform to request the deletion of your personal information or call 1-844-541- 4300 (12 p.m. – 6 p.m. ET, weekdays).

Before we fulfill any of your requests, we are required to verify that you are the person that is the subject of the request (the “Verification Process”). The Verification Process consists of you answering a series of questions correctly to verify your identity. If you experience technical errors with or are unwilling to verify your identity through the Verification Process, please contact us at 1-844-541-4300 (12 p.m. – 6 p.m. ET, weekdays) or consumerprivacy@nationwide.com, and we will send to you a notary form that you must sign, notarize, and return to us by mail. Notary forms may be mailed to the address provided in the Contact Us section below. Nationwide will reimburse you for any notarization fees. Failure to verify your identity may result in the denial of your request. The FAQs below provide you with additional information about this process. Please note, if we cannot verify your identity, we will not be able to respond to your request.

We try to process requests within 45 days of receiving the request. If we need more time or additional information to fulfill your request, we will let you know that we need additional time and why.

F. Authorized Agent

You have the right to designate an authorized agent to make a request on your behalf. Your designated agent may use this personal information access request webform and this personal information deletion request webform or call 1-844-541-4300 (12 p.m. – 6 p.m. ET, weekdays) to make a request on your behalf. We must receive signed permission designating the authorized agent to submit the request or a properly executed power of attorney that describes you, your designated authorized agent, and the purpose of the designation. If you provide the authorized agent with signed permission, we request that you also verify your own identity with us directly and confirm that you provided the authorized agent permission to submit the request. The FAQs below provide you with additional information about this process.

G. Do Not Track

California law requires us to let you know how we respond to web browser Do Not Track (DNT) signals. Because there currently isn't an industry or legal standard for recognizing or honoring DNT signals, we don't respond to them at this time.

H. Revisions

Nationwide may revise this policy from time to time as permitted by law. Nationwide will provide you the revised policy on this website, on a website that replaces this website, in person, via email, or using other methods. Changes shall become effective on the date they are posted.

I. Contact Us

You may contact us at consumerprivacy@nationwide.com if you have any questions or concerns about this policy or your rights.

You may mail notary forms and power of attorney documentation to the following address:

P.O. Box 182189

Columbus, Ohio 43218-2189

J. Frequently Asked Questions

Expand all

1. What is Nationwide’s privacy policy?

You may read Nationwide’s Online Privacy, California Consumer Privacy Act Rights policy, and Insurance and Financial Product Privacy Notices. Depending on your relationship with us, one or more of these privacy documents may apply to you.

2. What are my rights under Nationwide’s privacy policies?

In addition to the rights described above, depending on your relationship with us, you may have a right of access and correction relating to your personal information under other laws.

If you use our websites, you will have the rights we describe under our Online Privacy Policy. These rights include your right not to provide us with personal information, opting out of targeted ads, or opting out of cookies.

If you also obtain financial services products from us, you may also have the rights described in our Insurance and Financial Product Privacy Notices. Those rights include the right of access and correction and opting out of affiliate marketing, where applicable.

3. What is the California Consumer Privacy Act?

The California Consumer Privacy Act (CCPA) is an act that was passed by the California legislature in 2018. It took effect on January 1, 2020. It provides individuals with privacy rights that are similar to existing rights under GLBA. However, the rights under CCPA apply to all California residents, unlike GLBA rights, which apply to customers or consumers of financial institutions.

4. What are my rights under the California Consumer Privacy Act?

You have the rights of notice, opt out, non-discrimination, access, and deletion. You may find additional information about these rights in our California Consumer Privacy Act Rights policy.

5. Where can I exercise my rights under the California Consumer Privacy Act?

You may exercise your rights under CCPA using the personal information access request webform and the personal information deletion request webform or by calling 1-844-541-4300 (12 p.m. – 6 p.m. ET, weekdays).

Your authorized agent may exercise your rights under CCPA on your behalf by using this personal information access request webform and this personal information deletion request webform or by calling 1-844-541-4300 (12 p.m. – 6 p.m. ET, weekdays).

6. Does Nationwide sell my personal information?

Nationwide does not sell your personal information.

7. How do I opt out of Nationwide selling my personal information?

You need not opt out of the selling of your personal information because Nationwide does not sell your personal information. However, if you are a customer that obtains financial products from us, you may opt out of the sharing of your personal information with our affiliates by calling 1-866-280-1809.

You can also opt out of the collection of your personal information using cookies and other tracking technology for advertising purposes by modifying your cookies settings using the cookie preference center located on www.nationwide.com or opting out of cookies through your web browser. Please refer to the help section of your browser or mobile device for more information.

8. How do I access my credit reports?

We may collect information about you from credit reporting agencies as permitted under the FCRA for permissible purposes (such as underwriting insurance). If you would like to obtain a copy of your credit report, please contact a credit reporting agency of your choice. You may also obtain a free credit report by visiting the annual credit report website.

9. Who can I contact regarding other questions for California Consumer Privacy Act and Nationwide?

You may read more about your rights under CCPA by reading our California Consumer Privacy Act Policy. You may also contact Nationwide with any remaining privacy questions at consumerprivacy@nationwide.com.

10. What must I do to access my personal information under CCPA?

You must either use this personal information access request form or call us at 1-844-541-4300 (12 p.m. – 6 p.m. ET, weekdays). You must provide us with your personal information so that we may locate your information in our systems and distinguish it from the information of others—for example, individuals who may have similar names or addresses to you. You may need to provide us with your name, email address, address, phone number, driver’s license number, Social Security number, or account information, depending on the information you would like to access. After you provide us with your personal information, you must also verify your identity by accurately answering a series of questions about yourself.

11. What if I am a job applicant?

Nationwide’s California Consumer Privacy Act Rights policy is intended to provide you with your right to know the categories of personal information we collect and the purposes for which personal information is to be used under the CCPA. However, please note that job applicants do not currently have rights to access or delete personal information under the CCPA. Furthermore, please note that Nationwide does not sell your personal information in the context of your job application. Therefore, you don’t have to opt out of the sale of your personal information.

12. Why must I verify myself?

Nationwide must comply with the requirements of CCPA and the regulations promulgated by the California Attorney General regarding verifiable consumer requests while allowing you to exercise your rights under the law. In order to preserve the privacy and the security of the information you are trying to access or delete, we require proof that you are who you say you are. We have implemented an identity verification solution to ask you a series of questions, which, if you answer accurately, provides us reasonable assurances that you are who you say you are.

13. Why did I receive more than one report?

If you are California resident and you provide us with your notarized access form, as a courtesy to you, we may also provide you with personal information under GLBA. Therefore, you may receive a personal information report under CCPA and a personal information report under GLBA. These laws have different time periods for responding to such requests. Therefore, you may receive your GLBA report before your CCPA report.

14. When I access my information, why is my personal information displayed in the manner it is displayed in?

In allowing you to access your information, we request information from various business units that may store your personal information. Some of this information may include some variation as a result of the manner in which it was provided to us or during the time it was provided to us. For example, for one product, we may have your work phone number and work address, while for another product, we may have your home phone number and home address. We may have an old address for a product that you have not used for some time, while we may have a current address for a product that you are currently using. In order to provide you with a comprehensive report, we provide you with the information from your various business units as we obtain it and we do not run additional filters on this information.

15. How do I correct my information?

You may correct your information by calling us at 1-877-669-6877. However, depending on the product that your request relates to, you may need to contact your insurance agent or broker dealer to correct it.

16. What is an authorized agent?

An authorized agent is a person or business registered with the California Secretary of State to conduct business in California that you have authorized to act on your behalf for the purposes of exercising your rights under this policy.

17. Are there any authorized agent designation requirements?

Yes. When using an authorized agent, you must provide the agent with written and signed permission to act on your behalf or a properly executed power of attorney that describes you and your authorized agent in a verifiable manner and the purpose of your request. Signed permissions may be submitted as an attachment to your request or via postal mail, and power of attorneys must be submitted via postal mail. Power of attorneys may be mailed to the address provided in the Contact Us section above. Nationwide may reject a request from an agent that does not submit proof that they have been authorized by you to act on your behalf.

Additionally, if you provide the authorized agent with signed written permission, you must also verify your own identity directly with Nationwide and confirm with us that you provided the authorized agent permission to submit the request. To do so, our customer service representative will contact you via the telephone number submitted in your request. The representative will ask you a series of questions that you must answer correctly to verify your identity (the “Verification Process”). If you experience technical errors with or are unwilling to verify your identity through the Verification Process, please contact us at 1-844-541-4300 (12 p.m. – 6 p.m. ET, weekdays) or consumerprivacy@nationwide.com, and we will send to you a notary form that you must sign, notarize, and return to us by mail. Notary forms may be mailed to the address provided in the Contact Us section above. Nationwide will reimburse you for any notarization fees. Failure to verify your identity may result in the denial of your request.

18. Does Nationwide charge a fee to respond to requests under CCPA?

Generally, no. However, we may charge a reasonable fee for or refuse to act on requests that are manifestly unfounded or excessive, including repetitive requests. If we refuse to act on a request, we will notify you of the reason.

19. How long will it take to access my personal information?

In most cases, you will receive a response within 45 days. In some cases, we may need additional time (up to 45 days) to prepare your response. If that is the case, we will notify you of our need for additional time and explain to you the reason why we need more time prior to the end of the initial 45-day period. In all cases, you will receive a response within 90 days of the date of the request.

20. Why didn’t I get any information?

It may be that we were unable to find you in our systems with the information you provided to us. If you make a subsequent request and provide additional information about yourself, we may be able to find out more information about you in our systems. It is also possible that any information you may have provided us has since been deleted as a part of our records retention policies. Your information may be in a record that is exempted from disclosure under the CCPA or other applicable privacy law.

21. Why did I get so little information?

The information you provided may not have been adequate to match the information in our databases. Your information may be in a record that is exempted from disclosure under the CCPA or other applicable privacy law.

22. Does my personal information access report include everything that you have about me?

Not necessarily. Some types of information are exempt from the CCPA. Generally, CCPA does not apply to credit reports under the Fair Credit Reporting Act, financial records under GLBA, or medical records under Health Insurance Portability and Accountability Act of 1996 and the Health Information Technology for Economic and Clinical Health Act.

In addition, please note that the CCPA regulations do not require us to search for personal information if we:

Do not maintain the personal information in a searchable or reasonably accessible format;
Maintain the personal information solely for legal or compliance purposes; and
Do not sell the personal information and do not use it for any commercial purpose.

The types of records we did not search include records relating to litigation and claims, among others.

As a result, these types of personal information or records are not included in your personal information access report.

23. For what purposes do you use the information provided in my request?

We use the information you provide us during the access or deletion requests to process your request.

24. How long do you retain the information about my request?

We retain the information relating to your request in accordance with our legal obligations and records retention policies. We may retain the information about your request to track and fulfill your request. Please note that we will maintain a record of your request and all correspondence for at least 24 months. We collect, store, or process your information in compliance with our privacy policies.

25. What happens when I request that you delete my data?

We delete your data subject to our legal obligations and related records retention policies.

Please note that, under the CCPA, we are not required to comply with your request to delete your personal information if it is necessary for Nationwide to maintain your personal information in order to:

Complete the transaction for which the personal information was collected, provide a good or service requested by you, or reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform a contract between Nationwide and you;
Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity; or prosecute those responsible for that activity;
Debug to identify and repair errors that impair existing intended functionality;
Exercise free speech, ensure the right of another consumer to exercise his or her right of free speech, or exercise another right provided for by law;
Comply with the California Electronic Communications Privacy Act;
Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the businesses’ deletion of the information is likely to render impossible or seriously impair the achievement of such research, if you have provided informed consent;
Enable solely internal uses that are reasonably aligned with a consumer’s expectations based on their relationship with Nationwide;
Comply with a legal obligation; or
Otherwise use your personal information, internally, in a lawful manner that is compatible with the context in which you provided the information.

Please note that, as permitted under the CCPA regulations, we may retain your personal information in our backup or archive systems until the retention period of those systems expire.

26. How long do you retain my information?

We retain your information in accordance with our legal obligations, our records retention policies, or as otherwise permitted by law. For example, we may have a legal obligation to retain information relating to your agreements with us or claims relating to your products or services. We will delete your data once the legal obligation expires or after the period of time specified in our records retention policies.

27. How long do I have access to my request?

For your security, your request will be available for you to access for 30 days after which it will be deleted. If you would like to access your personal information again, please make another request.

28. Why was my request denied?

We may have rejected your request for several reasons. Because it is important for us to verify your identity for security purposes, we need to ensure that you are who you claim to be. If you fail to verify your identity through the Verification process, we may reject your request. If signatures or seals in your verifiable request were missing or invalid, we may reject your request. If your notarized form had items removed or not matching to your request, we may reject your request. If you already have an open request, we may reject your request. If you did not confirm your email, we may reject your request. We may have rejected your request because we were unable to determine that you are a California resident.

29. How many requests may I make in one year?

You may make two requests to access your personal information in a 12-month period under the CCPA. You may make more than two requests; however, we are not required under the CCPA to respond to them.

Table of Contents

A. Collection of Information

B. Sources of Information

C. Purposes of Collection of Information

D. Sharing of Information

E. Your Consumer Rights

F. Authorized Agent

G. Do Not Track

H. Revisions

I. Contact Us

J. Frequently Asked Questions

Share: