Privacy Notice for Job Applicants, Employees, Contractors, and Their Emergency Contacts/Notice at Collection

Last Updated: February 4, 2026

This Privacy Notice for Job Applicants, Employees, Contractors, and Their Emergency Contacts (“Privacy Notice”) applies to job applicants, employees, contractors, and their emergency contacts (“employee” or “you”). It does not apply to de-identified, aggregate, anonymized, or publicly available information or to personal information covered by other specific privacy laws, such as HIPAA, the Fair Credit Reporting Act (FCRA), the Driver's Privacy Protection Act of 1994, or the Gramm-Leach-Bliley Act ("GLBA) or implementing laws or regulations.**

For purposes of this Privacy Notice, “Great American”, “we”, and “us” means the Great American property and casualty insurance companies and operations.

This Privacy Notice pertains to personal information we may have collected in the last twelve (12) months.

**For business based in Europe, UK, Singapore, and Mexico, please refer to your compliance or HR department representative for a copy of your local privacy notice.

Personal Information We Collect

We collect information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular individual or household (“personal information” or “PI”). We may collect the following categories of your personal information:

Category of Personal InformationExamples
Identifiers (“Identifiers”)Name, alias, postal address, social security number (or social insurance number), unique personal identifier, online identifier, Internet Protocol address, email address, account name, driver’s license number, passport number, or other similar identifiers.
Categories listed in the California Customer Records statue (Cal. Civ. Code 1798.80(e)) (“Other PI”) Name, signature, social security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, or any other financial information or health information. Some personal information included in this category may overlap with other categories.
Sensitive (“Sensitive”)Personal information that reveals an employee’s social security (or social insurance number), driver’s license, state identification card, or passport number; criminal offense information; an employee’s account login, or corporate credit card number in combination with any required security or access code, password, or credentials allowing access to an account; an employee’s precise geolocation; an employee’s racial or ethnic origin or religious or philosophical beliefs; the contents of an employee’s mail, email and text messages that are sent or received using applications or equipment owned or controlled by us, unless we are the intended recipient of the communication; the processing of biometric information for the purpose of uniquely identifying an individual; personal information collected and analyzed concerning an employee’s health. Some personal information included in this category may overlap with other categories.
Characteristics of protected classifications under California, state, federal or other applicable law (“Characteristics”)Age (40 years and older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy, or childbirth and related medical conditions), sexual orientation, and veteran or military status.
Commercial information (“Commercial”)Records of personal property, products, or services purchased, obtained, or considered.
Biometric Information (“Biometric”)Physiological, biological, or behavioral characteristics, such as fingerprints.
Internet or other electronic network activity information (“Internet Activity”)Browsing history, search history, and information regarding a consumer’s interaction with an internet website, application, or advertisement.
Geolocation data (“Geolocation”)Physical location and/or movements.
Sensory data (“Sensory”)Audio, electronic, visual, or similar information.
Professional or employment-related information (“Professional”)Current and/or past employment history, information regarding salary (such as salary expectations), professional licenses, or affiliations. Education records for maintaining continuing education requirements.
Non-public education information (as defined in the Family Educational Rights and Privacy Act (20 U.S.C. § 1232g, 34 C.F.R. Part 99)) (“Education”)Education records, files, documents, and other materials directly related to a student maintained by an educational agency or institution or by a person acting for such an agency or institution, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records
Inferences drawn from other personal information (“Inferences”)Information used to create a profile about an employee reflecting the employee’s preferences, characteristics, predispositions, behavior, attitudes, abilities, and aptitudes.

Uses and Disclosures of Personal Information

We may use the categories of personal information for the following purposes:

Category of Personal InformationPurposes
  • Identifiers
  • Other PI
  • Sensitive
  • Characteristics
  • Commercial
  • Internet Activity
  • Geolocation
  • Sensory
  • Professional
  • Education
  • Inferences
  • To fulfill or meet the purpose for which you provided the information
  • To contact you with regard to your relationship with us, respond to your inquiries, and otherwise communicate with you
  • To contact third parties whose contact information you provide to us in case of an emergency or otherwise as permitted by applicable law
  • To allow you access to our technology assets, accounts, and physical premises
  • To help maintain the safety, security, and integrity of our technology assets, information, or accounts you may have with us, and our physical premises
  • To administer our policies and procedures and to investigate any potential violations of our policies or procedures or contract of employment
  • To report information to government agencies as required by applicable law, and otherwise to comply with applicable laws and government programs in which we participate
  • To respond to law enforcement requests and as required by applicable law, court order, or local, state, or federal government regulations
  • As necessary or appropriate to protect the rights, property, or safety of us, our clients, or others, including in connection with obtaining legal advice or establishing or defending our rights
  • For other company-related programs or services, including but not limited to administering our drug-free workplace program, coordinating business-related travel, or allowing use of company-owned automobiles
  • To provide, support, and improve our website and services relating to your employment or potential employment
  • For internal business purposes
  • Identifiers
  • Other PI
  • Sensitive
  • Characteristics
  • Commercial
  • Sensory
  • Professional
  • Education
  • Inferences
  • To administer payroll, payment of expenses, and other employee benefits, such as leave of absence, employee wellness programs, retirement plans, insurance, education reimbursement, or bonuses
  • To confirm your eligibility for employment or other professional engagement, such as conducting a background check, obtaining a consumer report or investigative consumer report about you, verifying your identity, and confirming your authorization to work in the applicable jurisdiction
  • Identifiers
  • Other PI
  • Sensitive
  • Characteristics (if provided)
  • Sensory
  • Professional
  • Education
  • Inferences
  • For recruitment, promotion, job transfer, processing your job application, and assessing your candidacy for employment or other professional engagement with us
  • Identifiers
  • Other PI
  • Sensitive
  • Sensory
  • Professional
  • Education
  • Inferences
  • To evaluate your performance as an employee or other professional engagement with us
  • Identifiers
  • Other PI
  • Commercial
  • Professional
  • To provide you with information about products or services from business partners that we think may be of interest to you
  • Biometric
  • For certain positions within the organization, in order to fulfill regulatory obligations, we may be required to collect your fingerprints and provide them to our regulators and other third parties

Sources of Personal Information

Category of Personal InformationSources
  • All Categories except Biometric
  • Directly and indirectly from activity on our website (www.gaig.com), other Great American Insurance Group member websites, intranet, or mobile apps. For example, from submissions you make, when you access our portals, and/or from website details collected automatically when you access our website.
  • From third parties that interact with us or support us. For example, from recruiters, job boards, online recruitment websites, service providers who assist us with providing or improving our services, service providers who assist us with fraud detection or compliance with government regulations or laws, or government agencies.
  • Indirectly. For example, from information provided by an agent, supplier or reference of yours.
  • All Categories except Inferences
  • Directly from you. For example, from forms you complete and/or information you request.
  • Identifiers and Internet Activity
  • Through tracking technologies when you access and use our website, including cookies, browser fingerprinting, and location identifying technologies. See our Cookie Policy on www.gaig.com for information on how we use cookies.

Third Parties to Whom Personal Information is Disclosed

Category of Personal InformationThird Parties
  • All Categories
  • Our affiliates
  • Government agencies or to protect the rights of our Company or others
  • Pursuant to a legal request or subpoena
  • For purposes of planning, due diligence and implementation of commercial transactions, such as mergers, acquisitions, asset sales or transfers, bankruptcy or reorganization or other similar business transactions
  • To establish, exercise or defend against claims
  • Third parties who assist with any of the above
  • Other third parties at your direction
  • Other purposes that are authorized by applicable law
  • All Categories except Biometric
  • Our service providers
  • Identifiers and Internet Activity
  • When you interact with third-party content on our website

For California Residents: Your Privacy Rights

The California Consumer Privacy Act of 2018 (CCPA), as amended by the California Privacy Rights Act of 2020 (CPRA) and its implementing regulations (collectively, the CCPA), provides California residents specific rights regarding the processing of their personal information. This section describes your CCPA rights and explains how to exercise those rights, subject to limitations and exceptions described in the CCPA.

Right to Know and Access Your Information

You have the right to request that we disclose to you:

  1. the categories of personal information we have collected about you;
  2. the categories of sources from which we collect your personal information;
  3. the business or commercial purposes for collecting or disclosing your personal information;
  4. the categories of third parties to whom we disclose your personal information; and
  5. the specific pieces of personal information we have collected about you.

 

Right to Correct

You have the right to request that we correct inaccurate personal information we maintain about you. We may request additional information to support your request.

Right to Request Deletion

You have the right to request that we delete personal information we collect about you.

You should be aware, however, that California law allows us to retain your personal information under certain conditions, even if you have asked us to delete it. We, therefore, may deny your deletion request if an exception applies.

Right to Opt-Out of Sale or Sharing Personal Information; Sensitive Personal Information

You have the right to opt-out of the sale of your personal information. You also have the right to opt-out of the sharing of your personal information for cross-context behavioral advertising purposes.

We do not sell your personal information. We also do not share your personal information for cross-context behavioral advertising purposes. To our knowledge, we do not sell or share the personal information of individuals under 16 years of age.

We will not use sensitive personal information for purposes other than those specified in the CCPA and its implementing regulations.

Right to No Retaliation

We will not discriminate or retaliate against you because you have chosen to exercise any of your privacy rights described above.

How to Exercise Your CCPA Rights

If you wish to exercise any legal rights with respect to your personal information, you or someone legally authorized to act on your behalf (“authorized agent’) can exercise your rights by:

  1. calling us at 1-866-723-3149 or
  2. complete the form

Only you, or your authorized agent, may make a request related to your personal information. You also may make a request on behalf of your minor child.

We cannot respond to your request or provide you with personal information if we cannot (i) verify your identity or authority to make the request, and (ii) confirm the personal information relates to you. To make a verifiable request, you must:

  1. provide sufficient information to allow us to reasonably verify you are the person about whom we collected personal information or that you are the person authorized to make the request. If you are an authorized agent, you also will be required to provide proof that you are authorized to make the request, such as by providing a copy of the written permission from the person on whose behalf you are making the request; and
  2. describe your request with sufficient detail that allows us to properly understand, evaluate, and respond.

We will only use personal information you provide to verify your identity or authority to make the request. Making a verifiable request does not require you to create an account with us.

For Canada Residents: Consent

In Canada, subject to any exemptions or requirements to comply with legal and regulatory obligations (e.g., employment law, health & safety legislation), express or implied consent is the legal basis upon which we may collect, use or disclose your personal information. Accordingly, subject to any exemption or where we have a legal obligation, personal information will only be collected, used and/or disclosed by us for the purposes described above in this Privacy Notice, with your express or implied consent, as applicable.

By submitting your information to us, whether through our recruitment portal, a recruiter, or a platform like LinkedIn, you consent to the collection, use, and disclosure of your personal information as described in this Privacy Notice. We’ll obtain your consent prior to conducting any background check processes.

You can choose to withdraw your consent at any time by contacting us by phone or email. However, depending on the request, this may mean that we will not be able to consider you as a candidate or to continue your employment with us.

Data Retention and Information Security Policies

Great American retains your personal information for at least as long as is reasonable or necessary to fulfill the purposes for which the data was collected, meet its business requirements, and comply with all applicable laws and regulations.

Great American is committed to protecting your personal information and has implemented physical, procedural, organizational, and technical safeguards, consistent with applicable law, intended to prevent loss, misuse, unauthorized access, disclosure, or modification of personal information under our control. Our employees participate in annual information security and privacy training and exercises.

If you have questions about Great American's information security policies, please reach out using the contact information below.

International Operations and Data Transfers

In connection with the purposes described above, Great American may transfer personal information to persons and organizations that are located in other countries. Where permitted by applicable law, by providing your personal information to Great American, you understand and consent to the collection, use, processing, disclosure, and transfer of such information to the United States of America (“U.S.”) and other countries, which may not offer the same level of data protection as the country where you reside. Please note that information collected through the use of Great American’s website and certain communications you send to the contact information provided below may be sent to the U.S.

Children

We only employ those who are legally eligible to work at the location of employment. Please do not send us application materials if you are under the legal age eligible for employment.

Your Rights with Respect to Your Personal Information

Great American strives to ensure the information we have is accurate and up-to-date. Please notify us if you believe an error has been made in the accuracy of the information Great American has about you, and we will correct it upon confirmation of the error and receipt of the correct information.

You may have additional rights with respect to your personal information, depending on the laws of your jurisdiction. For example, Canadian residents may have the right to be informed, to access and correct their personal information and/or withdraw consent to Great American's processing of their personal information.

If you wish to exercise one or more of your rights with respect to your personal information, please contact Great American using the information provided below. Please understand that to protect your privacy and security, we will need to take reasonable steps to verify your identity before we can respond or comply with any request relating to personal information. Great American will respond to your request as soon as practicable, but in any event within the legally required time.

Changes to this Privacy Notice

This Privacy Notice may be changed from time to time. The date noted on the Privacy Notice indicates when it was last revised.

Questions and Contact Information

If you have any questions about the Privacy Notice, wish to exercise any legal rights with respect to your personal information, or have a complaint regarding Great American's protection of your personal information, please reach out using the contact information below.

If you are having difficulty accessing this notice for any reason, please call or email us at the contact information listed below so that we may provide you with the notice in an alternative format.

Privacy Office

Great American Insurance – Property and Casualty Group
301 E. Fourth Street
Cincinnati, Ohio 45202-4201
800-545-4269
[email protected]
Attention: General Counsel, Privacy Office

Canadian Branch

Great American Insurance Company, Chief Agency
Suite 3200, Bay Adelaide Centre – North Tower
40 Temperance Street
Toronto, Ontario M5H 0B4 Canada
Attention: Chief Agent

This Privacy Notice is not a contract for employment and does not alter the employment ‎at-will relationship between us and any employee