Privacy Notice for Job Applicants, Employees, Contractors, and Their Emergency Contacts

Last Updated: January 5, 2023

This Privacy Notice for Job Applicants, Employees, Contractors, and Their Emergency Contacts (“Privacy Notice”) applies to job applicants, employees, contractors, and their emergency contacts (“employee” or “you”). It does not apply to personal information covered by HIPAA or to publicly available, deidentified, or aggregated personal information.**

For purposes of this Privacy Notice, “Great American”, “we”, and “us” means the Great American property and casualty insurance companies and operations.

This Privacy Notice pertains to personal information we may have collected in the last twelve (12) months.

**For business based in Canada, Europe, UK, Singapore, and Mexico, please refer to your compliance or HR department representative for a copy of your local privacy notice.

Personal Information We Collect

We collect information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household (“personal information” or “PI”). We may collect the following categories of your personal information:

Category of Personal InformationExamples
Identifiers (“Identifiers”)Name, alias, postal address, social security number, unique personal identifier, online identifier, Internet Protocol address, email address, account name, driver’s license number, passport number, or other similar identifiers.
Categories listed in the California Customer Records statue (Cal. Civ. Code 1798.80(e)) (“Other PI”) Name, signature, social security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, or any other financial information or health information. Some personal information included in this category may overlap with other categories.
Sensitive (“Sensitive”)Personal information that reveals an employee’s social security, driver’s license, state identification card, or passport number; an employee’s account login, or corporate credit card number in combination with any required security or access code, password, or credentials allowing access to an account; an employee’s precise geolocation; an employee’s racial or ethnic origin or religious or philosophical beliefs; the contents of an employee’s mail, email and text messages that are sent or received using applications or equipment owned or controlled by us, unless we are the intended recipient of the communication; the processing of biometric information for the purpose of uniquely identifying an individual; personal information collected and analyzed concerning an employee’s health. Some personal information included in this category may overlap with other categories.
Characteristics of protected classifications under California or federal law (“Characteristics”)Age (40 years and older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy, or childbirth and related medical conditions), sexual orientation, and veteran or military status.
Commercial information (“Commercial”)Records of personal property, products, or services purchased, obtained, or considered.
Biometric Information (“Biometric”)Physiological, biological, or behavioral characteristics, such as fingerprints.
Internet or other electronic network activity information (“Internet Activity”)Browsing history, search history, and information regarding a consumer’s interaction with an internet website, application, or advertisement.
Geolocation data (“Geolocation”)Physical location and/or movements.
Sensory data (“Sensory”)Audio, electronic, visual, or similar information.
Professional or employment-related information (“Professional”)Current and/or past employment history, professional licenses, or affiliations. Education records for maintaining continuing education requirements.
Non-public education information (as defined in the Family Educational Rights and Privacy Act (20 U.S.C. § 1232g, 34 C.F.R. Part 99)) (“Education”)Education records, files, documents, and other materials directly related to a student maintained by an educational agency or institution or by a person acting for such an agency or institution, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records
Inferences drawn from other personal information (“Inferences”)Information used to create a profile about an employee reflecting the employee’s preferences, characteristics, predispositions, behavior, attitudes, abilities, and aptitudes.

Uses and Disclosures of Personal Information

We may use the categories of personal information for the following purposes:

Category of Personal InformationPurposes
  • Identifiers
  • Other PI
  • Sensitive
  • Characteristics
  • Commercial
  • Internet Activity
  • Geolocation
  • Sensory
  • Professional
  • Education
  • Inferences
  • To fulfill or meet the purpose for which you provided the information
  • To contact you with regard to your relationship with us, respond to your inquiries, and otherwise communicate with you
  • To contact third parties whose contact information you provide to us in case of an emergency or otherwise as permitted by applicable law
  • To allow you access to our technology assets, accounts, and physical premises
  • To help maintain the safety, security, and integrity of our technology assets, information, or accounts you may have with us, and our physical premises
  • To administer our policies and procedures and to investigate any potential violations of our policies or procedures or contract of employment
  • To report information to government agencies as required by applicable law, and otherwise to comply with applicable laws and government programs in which we participate
  • To respond to law enforcement requests and as required by applicable law, court order, or local, state, or federal government regulations
  • As necessary or appropriate to protect the rights, property, or safety of us, our clients, or others, including in connection with obtaining legal advice or establishing or defending our rights
  • For other company-related programs or services, including but not limited to administering our drug-free workplace program, coordinating business-related travel, or allowing use of company-owned automobiles
  • To provide, support, and improve our website and services relating to your employment or potential employment
  • For internal business purposes
  • Identifiers
  • Other PI
  • Sensitive
  • Characteristics
  • Commercial
  • Geolocation
  • Sensory
  • Professional
  • Education
  • Inferences
  • To administer payroll, payment of expenses, and other employee benefits, such as leave of absence, employee wellness programs, retirement plans, medical insurance, education reimbursement, or bonuses
  • To confirm your eligibility for employment or other professional engagement, such as conducting a background check, obtaining a consumer report or investigative consumer report about you, verifying your identity, and confirming your authorization to work in the US
  • Identifiers
  • Other PI
  • Sensitive
  • Characteristics (if provided)
  • Internet Activity
  • Sensory
  • Professional
  • Education
  • Inferences
  • For recruitment, promotion, job transfer, processing your job application, and assessing your candidacy for employment or other professional engagement with us
  • Identifiers
  • Other PI
  • Sensitive
  • Internet Activity
  • Geolocation
  • Sensory
  • Professional
  • Education
  • Inferences
  • To evaluate your performance as an employee or other professional engagement with us
  • Identifiers
  • Other PI
  • Commercial
  • Internet Activity
  • Sensory
  • Professional
  • Inferences
  • To provide you with information about products or services from business partners that we think may be of interest to you
  • Biometric
  • For certain positions within the organization, in order to fulfill regulatory obligations, we may be required to collect your fingerprints and provide them to our regulators and other third parties

Sources of Personal Information

Category of Personal InformationSources
  • All Categories except Biometric
  • Directly and indirectly from activity on our website (www.gaig.com), other Great American Insurance Group member websites, intranet, or mobile apps. For example, from submissions you make, when you access our portals, and/or from website details collected automatically when you access our website.
  • From third parties that interact with us or support us. For example, from recruiters, service providers who assist us with providing or improving our services, service providers who assist us with fraud detection or compliance with government regulations or laws, or government agencies.
  • Indirectly. For example, from information provided by an agent or supplier of yours.
  • All Categories except Inferences
  • Directly from you. For example, from forms you complete and/or information you request.
  • Identifiers and Internet Activity
  • Through tracking technologies when you access and use our website, including cookies, browser fingerprinting, and location identifying technologies. See our Cookie Policy on www.gaig.com for information on how we use cookies.

Third Parties to Whom Personal Information is Disclosed

Category of Personal InformationThird Parties
  • All Categories
  • Our affiliates or pursuant to a business transfer
  • Government agencies or to protect the rights of our Company or others
  • Pursuant to a legal request or subpoena
  • Third parties who assist with any of the above
  • Other third parties at your direction
  • All Categories except Biometric
  • Our service providers
  • Identifiers and Internet Activity
  • When you interact with third-party content on our website

For California Residents: Your Privacy Rights

The California Consumer Privacy Act of 2018 (CCPA), as amended by the California Privacy Rights Act of 2020 (CPRA) and its implementing regulations (collectively, the CCPA), provides California residents specific rights regarding the processing of their personal information. This section describes your CCPA rights and explains how to exercise those rights and how to make a verifiable request.

Right to Know and Access Your Information

You have the right to request that we disclose to you:

  1. the categories of personal information we have collected about you;
  2. the categories of sources from which we collect your personal information;
  3. the business or commercial purposes for collecting or disclosing your personal information;
  4. the categories of third parties to whom we disclose your personal information;
  5. the categories of personal information we have disclosed about you for a business purpose; and
  6. the specific pieces of personal information we have collected about you.

To request any of these disclosures, you or someone legally authorized to act on your behalf (“authorized agent”), can reach out to us directly by telephone or submit a request form, as further detailed below.

Right to Correct

You have the right to request that we correct any inaccurate personal information we maintain about you. To request a correction of your inaccurate personal information, you or someone legally authorized to act on your behalf (“authorized agent”), can reach out to us directly by telephone or submit a request form, as further detailed below.

Right to Request Deletion

You have the right to request that we delete your personal information. To make a deletion request, you or your authorized agent, can reach out to us directly by telephone or submit a request form, as further detailed below.

You should be aware, however, that California law allows us to retain your personal information under certain conditions, even if you have asked us to delete it. We, therefore, may deny your deletion request if, for example, retaining the information is necessary for us or our service provider(s), including, but not limited to, for any of the following reasons:

  1. to complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you;
  2. help to ensure security and integrity to the extent the use of the personal information is reasonably necessary and proportionate for those purposes; or
  3. to comply with a legal obligation.

We will promptly consider all deletion requests. In addition, we will notify you of any denial of your deletion request and the reason for such denial.

Right to Opt-Out of Sale or Sharing Personal Information

You have the right to opt-out of the sale of your personal information. You also have the right to opt-out of the sharing of your personal information for cross-context behavioral advertising purposes.

We do not sell your personal information. We also do not share your personal information for cross-context behavioral advertising purposes.

Right to No Retaliation Following Opt-Out or Exercise of Other Rights

We will not discriminate against you because you have chosen to exercise any of your privacy rights described above.

How to Exercise Your CCPA Rights

If you wish to exercise any legal rights with respect to your personal information, you or someone legally authorized to act on your behalf (“authorized agent’) can exercise your rights by:

  1. calling us at 1-866-723-3149 or
  2. complete the form

Only you, or your authorized agent, may make a request related to your personal information. You also may make a request on behalf of your minor child.

We cannot respond to your request or provide you with personal information if we cannot (i) verify your identity or authority to make the request, and (ii) confirm the personal information relates to you. To make a verifiable request, you must:

  1. provide sufficient information to allow us to reasonably verify you are the person about whom we collected personal information or that you are the person authorized to make the request. If you are an authorized agent, you also will be required to provide proof that you are authorized to make the request, such as by providing a copy of the written permission from the person on whose behalf you are making the request; and
  2. describe your request with sufficient detail that allows us to properly understand, evaluate, and respond.

We will only use personal information you provide to verify your identity or authority to make the request. Making a verifiable request does not require you to create an account with us.

Changes to this Privacy Notice

This Privacy Notice may be changed from time to time. The date noted on the Privacy Notice indicates when it was last revised.

Contact Information

If you have questions about this notice, please contact us at:
Phone: 800-545-4269
Email: clegal@gaig.com

This Privacy Notice is not a contract for employment and does not alter the employment ‎at-will relationship between us and any employee