- You are acting as a job applicant to or employee or independent contractor of Safelite;
- You have been designated as an emergency contact for a job applicant or employee and your information has been collected for use solely within that context;
- We need your Personal Information to administer benefits obtained through an employee; or
For information on our privacy practices as they relate to any of the information collected in the above scenarios, contact us at: email@example.com. Alternatively, you may send a letter to the following address:
Safelite Group, Inc.
Attn. Customer Care
7400 Safelite Way
Columbus, Ohio 43235
Information we collect about California consumers
- Publicly available information from government records.
- Deidentified or aggregated consumer information.
- Information excluded from the CCPA's scope, like: health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data; and
- Personal Information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver's Privacy Protection Act of 1994.
Specifically, we collect the following categories of Personal Information:
Category Examples Do we collect this information? A. Identifiers A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver's license number, passport number, or other similar identifiers. Yes B. Personal Information listed in California Customer Records statute (Cal. Civ Code 1798.80(e)) A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.
Some Personal Information included in this category may overlap with other categories.
Yes C. Protected classification characteristics under California or federal law Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information). No D. Commercial Information Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. Yes E. Biometric Information Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data. No F. Internet or other similar network activity Browsing history, search history, information on a consumer's interaction with a website, application, or advertisement. Yes G. Geolocation data Physical location or movements. No H. Sensory Data Audio, electronic, visual, thermal, olfactory, or similar information. Yes I. Professional or employment related information Current or past job history or performance evaluations. Only for job applicants and employees J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)). Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records. Only for job applicants and employees K. Interferences drawn from other Personal Information Profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. Yes
Sensitive Personal Information
We may also collect and use Sensitive Personal Information, as defined under California law, in limited contexts. Specifically, we at times collect information about a person’s health and a person’s social security number and driver’s license number in connection with processing casualty loss and liability claims and/or pursuing or defending legal claims. We do not use Sensitive Personal Information for purposes other than those permitted by 11 Cal. Code. of Regs. § 7027(l).
Why we collect your Personal Information
We may collect, use, or disclose the Personal Information in the above categories for the following purposes:
- To fulfill or meet the reason you provided the information. For example, if you share your name and contact information to request a price quote or ask a question about our products or services, we will use that Personal Information to respond to your inquiry. If you provide your Personal Information to purchase a product or service, we will use that information to process your payment and facilitate delivery. We may also save your information to facilitate new product orders or process returns.
- To provide, support, personalize, and develop our Website, products, and services.
- To create, maintain, customize, and secure your account with us.
- To process your requests, purchases, transactions, and payments and prevent transactional fraud.
- To provide you with support and to respond to your inquiries, including to investigate and address your concerns and monitor and improve our responses.
- To personalize your Website experience and to deliver content and product and service offerings we believe are relevant to your interests, including targeted offers and ads through our Website, third-party sites, and via mail, email, telephone calls, or text messages (with your consent, where required by law).
- To help maintain the safety, security, and integrity of our Website, products and services, databases and other technology assets, and business.
- For testing, research, analysis, and product development, including to develop and improve our Website, products, services, marketing, and business processes.
- To respond to governmental and law enforcement requests and as required by applicable law, court order, or governmental regulations.
- To take steps we deem necessary to protect, defend, and enforce our rights and the rights of others, including for billing and collection.
- As described to you when collecting your Personal Information or as otherwise set forth in the CCPA.
- To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Information held by us about consumers is among the assets transferred.
Notice of our collection, use, and disclosure of Personal Information in the last 12 months
In the last twelve (12) months, we have collected, used, and disclosed the following categories of Personal Information for a business purpose:
1. Categories of information collected in the last 12 months
- Category A: Identifiers.
- Category B: California Customer Records Personal Information categories.
- Category D: Commercial Information.
- Category F: Internet or other similar network activity.
- Category H: Sensory data.
- Category K: Inferences drawn from other Personal Information.
2. How we collected this information
We collect the above categories of your Personal Information from the following sources:
- Directly from you. For example, from forms you complete or products and services you purchase, when you communicate with us, or when you provide us services.
- Indirectly from you. For example, from observing your actions on our Website.
- From third parties. This includes third party data brokers, web analytics tools.
3. Why we collected Personal Information?
We have collected and shared Personal Information in the above categories for the purposes described above.
4. Who we have shared this information with for a business purpose
For each of the above categories, we share your Personal Information with third parties who are our service providers including companies that provide the following services:
- Payment processing
- Marketing and non-marketing communications
- Advertising platforms
- Data aggregation and brokerage
- Business analytics (marketing and non-marketing)
- IT and network administration such as data storage and management, website hosting, and data security
- Professional advice such as legal, accounting, tax, and business advisers
- Day-to-day business operation support such as courier services, document destruction, and electronic signature platforms
We occasionally use third-party repair companies to fulfill orders to consumers. If we use a third-party repair company in connection with services provided to you, we may share your Personal Information with them for the purpose of fulfilling the service.
Safelite does not sell Personal Information.
Some of the above disclosures may be considered a disclosure to a non-service provider third party for a business purpose under California law. In the past twelve months we have disclosed Personal Information to the following third parties for business purposes:
Category of Third Party
Business Purpose for Disclosure
Categories of Personal Information
Advertising platforms (including social media companies)
Cross-context behavioral advertising
A, B, F
Data matching, append, and hygiene services; cross-context behavioral advertising
A, B, F
We occasionally use third-party repair companies to fulfill orders to consumers. If we use a third-party repair company in connection with services provided to you, we may disclose your Personal Information to them for the purpose of fulfilling the service.
Safelite does not sell Personal Information.
Your Rights and Choices
The CCPA provides consumers with specific rights regarding their Personal Information. This section describes your CCPA rights and explains how to exercise those rights.
A. Right to Know
You have the right to request that we disclose certain information to you about our collection, use, disclosure, and sale of your Personal Information over the past 12 months. Once we receive and confirm your verifiable consumer request (see Introduction), we will disclose to you:
- The categories of Personal Information we collected about you.
- The categories of sources for the Personal Information we collected about you.
- Our business or commercial purpose for collecting or selling that Personal Information.
- The categories of third parties with whom we share that Personal Information.
- The specific pieces of Personal Information we collected about you.
- If we sold or disclosed your Personal Information for a business purpose, two separate lists disclosing:
- sales, identifying the Personal Information categories that each category of recipient purchased; and
- disclosures for a business purpose, identifying the Personal Information categories that each category of recipient obtained.
B. Right to Delete Personal Information
You have the right to request that we delete any of your Personal Information that we collected and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request (see Introduction), we will delete (and direct our service providers to delete) your Personal Information from our records, unless an exception applies.
We may deny a deletion request if retaining the information is necessary for us or our service provider(s) to:
- Complete the transaction for which we collected the Personal Information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, fulfill the terms or a written warranty or product recall conducted in accordance with federal law, or otherwise perform our contract with you.
- Help to ensure security and integrity to the extent the use of the Personal Information is reasonably necessary and proportionate for those purposes.
- Debug products to identify and repair errors that impair existing intended functionality.
- Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
- Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).
- Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
- Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us and that are compatible with the context in which you provided the information.
- Comply with a legal obligation.
C. Right to Correct Inaccurate Personal Information
You have the right to request that we correct inaccurate Personal Information we maintain regarding you. You may provide us with documentation to support your request and we will consider it. We will provide you with instructions for supplying supporting documentation after you make your request.
We may decline to correct the Personal Information if we determine based on the totality of the circumstances that the Personal Information we have on file is more likely than not accurate. We may also deny the request if we determine it is likely fraudulent or abusive. If we decline to correct the Personal Information, you may request that we note in our records and notify any service providers and third parties to whom we disclosed the allegedly erroneous information that its accuracy has been disputed.
We may choose to delete the contested Personal Information instead of correcting it.
D. Exercising Your Know, Deletion, and Correction Rights
- How to submit requests. To exercise your rights described above, please submit a verifiable consumer request to us by either: calling us at: 1-800-270-5679 or clicking here to submit the request online or copy and pasting this into your browser: https://privacyportal.onetrust.com/webform/d3b95a93-e22e-4d4d-a806-482052406557/draft/48f5d98d-2135-41f2-a54a-701815a0247a.
- Who may submit requests. Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your Personal Information. You may also make a verifiable consumer request on behalf of your minor child. You may designate an authorized agent in writing to make a request on your behalf.
- How often can you submit requests. You may only make a Right to Know request twice within a 12-month period. You may not make a Correction request if we previously denied a Correction request in the prior six months regarding the same alleged inaccuracy unless you provide new or additional documentation to support your claim that the information is inaccurate.
- How we verify and respond to requests.
- Your request must be verifiable. That means that you, or your authorized agent, must provide sufficient information that allows us to reasonably verify that you are the person about whom we collected Personal Information or an authorized agent of that person with written permission from the consumer or a power of attorney to act on their behalf.
- We may verify your request:
- Through our existing authentication practices for your password-protected account with us, if you have one. Making a verifiable consumer request does not require you to create an account with us, if you do not make a request through an account with us.
- If you do not have a password-protected account with us, we may require you to provide certain information such as first name, last name, phone number, service address, and/or invoice number to verify your identify.
- Regardless of whether or not you have a password-protected account with us, if we are required by law to verify your identity to a reasonably high degree of certainty, we may require you to verify additional pieces of information and/or sign a declaration under penalty of perjury verifying your identity and request.
Your verifiable consumer request must also describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with Personal Information if we cannot verify your identity or authority to make the request and confirm the Personal Information relates to you.
We will only use Personal Information provided in a request to verify the requestor's identity or authority to make the request and fulfill or deny the request. We may retain Personal Information provided in connection with your request for at least two (2) years as required by law.
Response Timing and Format.
We will acknowledge receipt of your request within ten (10) business days from its receipt.
We endeavor to respond to a verifiable consumer request within forty-five (45) days from its receipt. If we require more time, up to a maximum of ninety (90) days from receipt, we will inform you of the reason and extension period in writing.
If you have a password-protected online account with us, we will deliver our written response to that account. If you do not have a password-protected online account with us, we will deliver our written response by mail or electronically, at your option.
Any disclosures we provide will only cover the 12-month period preceding receipt of your request. The response we provide will also explain the reasons we cannot comply with a request, if applicable. If you requested a copy of the specific Personal Information we have on file about you, we will select a format to provide your Personal Information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance. We will not provide certain Personal Information in response to a request when the information is too sensitive, for example your social security number, financial account number, or account passwords.
We do not charge a fee to process or respond to your request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
E. Opting Out.
If you would like to opt out of the sale or sharing of your Personal Information, you may do so using our Do Not Sell/Share My Personal Information online form by clicking here or copy and pasting this into your browser: https://privacyportal.onetrust.com/webform/d3b95a93-e22e-4d4d-a806-482052406557/draft/48f5d98d-2135-41f2-a54a-701815a0247a. We will also recognize browser-based opt-out signals as provided under law. If we receive an opt-out signal and are able to identify the consumer to whom the signal relates, we will treat the signal as a request to opt out related to all Personal Information we have on file for the consumer. If we receive an opt-out signal and are not able to identify the consumer to whom the signal relates, we will treat the signal as a request to opt out limited to the Personal Information we collect from the consumer during the online session during which the signal is present.
If you do not want us to use your contact information to promote our own products and services, or third parties’ products or services, via email you can opt-out by submitting your information here: https://www.safelite.com/email-unsubscribe, or by sending us an email with your request to firstname.lastname@example.org. You may also opt-out of further email marketing communications by replying to any promotional email we have sent you or following the opt-out links on that message.
We will not discriminate against you for exercising any of your CCPA rights. You have a right not to receive discriminatory treatment by us for exercising your privacy rights.
Other California Privacy Rights
California’s "Shine the Light" law (Civil Code Section § 1798.83) permits users of websites that are California residents to request certain information regarding a website operator’s disclosure of Personal Information to third parties for their direct marketing purposes. We do not disclose Personal Information to third parties for those third parties to use for their own direct marketing purposes.
Who to Contact for more information
Safelite Group, Inc.
Attn. Customer Care
7400 Safelite Way
Columbus, Ohio 43235