Privacy Policy

Last Updated: August 15, 2025

CSAA Specialized Services, LLC (“CSAA Specialized Services,” “we,” “us,” or “our”) is committed to user privacy and wants you to be familiar with how we collect, use, and disclose information. This Privacy Policy describes our practices for information that we collect about you through all channels, including our website, located at www.csaaspecializedservices.com (the “Site“), any other online destinations we offer, telephone, mail, email, in-person, or by any other means. By providing Personal Information (as defined below) to us, you acknowledge that such Personal Information may be used and disclosed in accordance with this Privacy Policy.

Updates to This Privacy Policy

We may change this Privacy Policy. Any changes to this Privacy Policy will become effective when we post a revised Privacy Policy on the Site. Your use of the Site or our products and services following any changes means that you accept the revised Privacy Policy.

Personal Information

Personal Information is information that identifies you or one or more others as an individual, such as:

Name
Postal address
Zip code
Telephone number
Email address
Vehicle identification number
Driving history and other motor vehicle records
Bank account numbers
Or that otherwise constitutes personal information under applicable law

Personal Information We Collect

The types of Personal Information we collect and share depend on the product or service we are providing you, are you inquiring about, or we are providing a corporate client with whom you have a relationship. This information can include identifying information about you such as your name, address, and date of birth, as well as information about your prior insurance policies, drivers and vehicles, credit history, and insurance claims history. We collect information from you (including from your transactions with us) and outside sources.

We collect Personal Information, for example, when your insurance carrier requests CSAA Specialized Services provide third party administration services, when you file an insurance claim with your insurance carrier, upload videos or photographs related to your policy or a claim along with any metadata that is associated with such content (such as geolocation and time that the photo or video was taken), engage in a chat through our chat functionality, or give us your contact information. We also collect Personal Information about you from other sources, such as affiliates or other companies that provide us with demographic and other information.

We also obtain information from consumer reporting agencies and insurance support organizations. It may include your driving record, claims history with other insurers, credit report information, and your insurance score. A consumer reporting agency that gathers information about you may share this information with others who are authorized to use consumer reports as allowed by law.

We also may collect Personal Information from partners with whom we have a business relationship, for example a ridesharing company for whom you drive.

How We Use Personal Information

We may use Personal Information:

To respond to your inquiries and fulfill your requests.
To provide our products and services to you or one of our partners who provide you with insurance.
To send you important information regarding changes to the Site, terms, conditions, and policies.
To personalize your experience on the Site presenting products and offers tailored to you, including over time and across your browsers and devices.
To prevent or detect security incidents, fraud, and criminal activity.
For our internal marketing purposes.
For our business purposes, such as data analysis, audits, developing new products, monitoring and enhancing the Site or the App, improving our services, identifying usage trends, and determining the effectiveness of our promotional campaigns. Chat transcripts may be reviewed and archived for quality assurance and training purposes.
As we believe to be necessary or appropriate: (a) under applicable law, including laws outside your country of residence; (b) to comply with legal process; (c) to respond to requests from public and government authorities, including public and government authorities outside your country of residence; (d) to enforce our terms and conditions; (e) to protect our operations or those of any of our affiliates; (f) to protect our rights, privacy, safety, or property, and/or that of our affiliates, you, or others; and (g) to allow us to pursue available remedies or limit the damages that we may sustain.

What Personal Information We Share

All financial companies need to share customers’ Personal Information to run their everyday business. We may share all or part of the Personal Information about you that we collect with affiliated and unaffiliated companies, and others such as law enforcement, courts, and government agencies, as allowed by law. For example:

We may share your Personal Information with third party service providers to enable them to provide services such as website hosting, data analysis, payment processing, order fulfillment, infrastructure provision, IT services, customer service, email delivery services, credit card processing, auditing services, and other similar services.
We may share your Personal Information with insurance carriers, agents and brokers for purposes of fulfilling your requests and addressing your insurance needs.
We may share your Personal Information for our internal marketing purposes. For example, we may share information with our agents and service providers to offer our products and services to you more effectively.
We may share your Personal Information with other recipients including, for example, claims representatives, consumer reporting agencies, law enforcement, courts, and government agencies.
We may share claims information related to an accident you are a party to with our corporate policyholders who have a stake in your claim.
We may share your Personal Information with one or more third parties in the event of any reorganization, merger, sale, joint venture, assignment, transfer, or other disposition of all or any portion of our business, assets, or stock (including in connection with any bankruptcy or similar proceedings).
We may share your Personal Information as we believe to be necessary or appropriate: (a) under applicable law, including laws outside your country of residence; (b) to comply with legal process; (c) to respond to requests from public and government authorities including public and government authorities outside your country of residence; (d) to enforce our terms and conditions; (e) to protect our operations or those of any of our affiliates; (f) to protect our rights, privacy, safety, or property, and/or that of our affiliates, you, or others; and (g) to allow us to pursue available remedies or limit the damages that we may sustain.
Unless you are a California resident, we also may share certain categories of your Personal Information without prior authorization for joint marketing with nonaffiliated financial companies. These categories of shared Personal Information may include transaction information, such as information about payment history or claims history and information we have obtained from third parties. “Joint marketing” refers to a formal agreement between nonaffiliated financial companies that together market financial products or services to you.

In addition, we may share Personal Information about our former customers in the manner described above.

All the above categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties for their own messaging or text messaging purposes

Internet or Electronic Network Activity Information

“Internet or Electronic Network Activity Information” is any information that we or our third-party service providers collect from your computer or mobile device. We treat Internet or Electronic Network Activity Information as Personal Information, which may include:

Browser information
Server log files
Information collected through cookies, pixel tags, and other technologies
Other mobile device information

How We Collect Internet or Electronic Network Activity Information

We and our third-party service providers may collect Internet or Electronic Network Activity Information in a variety of ways, including:

Through your browser: Certain information is collected by most browsers, such as your Media Access Control (MAC) address, device type, screen resolution, operating system version, and Internet browser type and version. We use this information to help ensure that the Site functions properly and for purposes such as security and other purposes described in this Privacy Policy.
Through web analytics: An Internet Protocol (IP) address is a number that is automatically assigned to the computer that you are using by your Internet Service Provider (ISP), is identified and collected automatically using third-party web analytics software, and may be identified and logged automatically in our server log files, along with the time of the visit and the page(s) that were visited, whenever a user visits the Site. We use IP addresses for purposes such as calculating Site usage levels, helping diagnose server problems, administering the Site, and other purposes described in this Privacy Policy.
By using cookies: Cookies allow a web server to transfer data to a computer for recordkeeping and other purposes. We and our service providers use cookies and other technologies to, among other things, better serve you with more tailored information and facilitate your ongoing access to and use of the Site, as well as for online tracking and analytics purposes, including: Remarketing, Google Analytics Demographics, and Interest Reporting and Google Display Network Impression Reporting. Most web browsers allow you to control the use of cookies. To learn more about cookies, please visit https://www.allaboutcookies.org and review your browser settings. If you choose to decline cookies, some or all of the Site’s features, functionality, and promotions available through the Site, may not be available to you. If you no longer want data collected by Google Analytics to be used for our internal marketing purposes, click here to download the Google Analytics Opt-out Browser Add-on. In addition, if you’d like to opt-out from receiving interest-based advertising from companies that participate in the Network Advertising Initiative (NAI) opt-out program, click here.
By using pixel tags and other similar technologies: Pixel tags (also known as web beacons and clear GIFs) may be used in connection with some or all Site pages and HTML-formatted email messages to, among other things, track the actions of Site users and email recipients, measure the success of our marketing campaigns, and compile statistics about Site usage and response rates.
Through your mobile device: we may collect your mobile device identification number or advertising identifier, device type, model and manufacturer, phone number, and consistent with your mobile device permissions, geographical location data, including GPS coordinates (e.g., latitude and/or longitude) or similar information regarding the location of your mobile device.

How We Use and Disclose Internet or Electronic Network Activity Information

We use Internet or Electronic Network Activity Information that is collected and aggregated by our third-party services providers to analyze our traffic and improve our services, among other purposes described in this Privacy Policy. In some instances, we may combine Internet or Electronic Network Activity Information with other Personal Information.

Third Party Sites and Applications

This Privacy Policy does not address, and we are not responsible for, the privacy, information gathering, or other practices of any third parties, including any third party operating any site or application to which the Site contains a link. The inclusion of a link on the Site does not imply endorsement of the linked site by us or by our affiliates.

Security

We seek to use reasonable organizational, technical, and administrative measures to protect information under our control, including computer safeguards and secured files and buildings. Unfortunately, no data transmission over the Internet or any data storage system can be guaranteed to be 100 percent secure. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any account you might have with us has been compromised), please immediately notify us of the problem by contacting us in accordance with the “Contacting Us” section below.

Choice and Access

Your Choices Regarding Our Use of Your Personal Information

We seek to give you choices regarding our use and disclosure of your Personal Information:

Do-Not-Track Signals and Similar Mechanisms: Some web browsers transmit “do-not-track” signals to websites. Because of differences in how web browsers incorporate and activate this feature, it is not always clear whether users intend for these signals to be transmitted, or whether they even are aware of them. We currently do not take action in response to these signals.
DMAchoice: We also participate in DMAchoice, an online tool developed by the Data & Marketing Association (DMA) and the Association of National Advertisers (ANA) to help you manage your mail. DMAchoice offers consumers a simple, step-by-step process that enables them to decide what mail they do and do not want. You can register at DMA’s consumer website: www.DMAchoice.org, If you do not wish to complete your registration online, you can register for DMAchoice by filling out the DMAChoice Mail In Form with all required information, printing it, and mailing to:

DMAchoice
DMA
P.O. Box 900
Cos Cob, CT 06807

We aim to comply with your request(s) as soon as reasonably practicable. Please note that if you opt-out as described above, we will not be able to remove your Personal Information from the databases of third parties with whom we have already provided such information as of the date that we implement your opt-out request. Please also note that if you do not wish to receive marketing-related email, mail, or telephone messages from us, we may still send you important administrative messages. We may contact you by text message concerning your policy at the phone number you provide us, and those message may result in message and data fees from your wireless carrier depending on your plan. You can reply STOP to stop receiving these text messages, or reply HELP for help.

How You Can Access or Change Your Personal Information

You may have the right under applicable law to access and review, and to request the correction, amendment or deletion of, certain Personal Information we have about you by sending a written request explaining the action you desire to:

CSAA Specialized Services
ATTN: Privacy
P.O. Box 23180
Oakland, CA 94623-0180

Your written request must include your full name, mailing address, and policy number (if applicable), state that your request is in response to this Privacy Policy, and identify the specific Personal Information you want us to correct, amend, or delete. You may request the categories of third parties we show as having received your Personal Information from us.

We cannot change consumer report information we obtain from consumer reporting agencies. To do this, you must contact the consumer reporting agency that provided it. We do not have to change our records if we do not agree with your request. If we refuse to make the requested correction, amendment, or deletion, you may file with us a concise statement indicating why you disagree with our decision and setting forth what you believe is the correct, relevant, or fair information. We will place your statement in our file.

Use of the Site by Minors

The Site is not directed to individuals under the age of thirteen (13), and we request that these individuals do not provide Personal Information through the Site or the App.

Jurisdictional Issues

The Site is controlled and operated by us from the United States, and are not intended to subject us to the laws or jurisdiction of any state, country, or territory other than that of the United States.

Contacting Us

If you have any questions about this Privacy Policy, please contact us by email at privacy@csaaspecializedservices.com or calling us at (800) 921-5249.

Please note that email communications are not always secure; so please do not include credit card information or other sensitive information in your email messages to us.

For Nevada Residents

We are providing you this notice pursuant to state law. In addition to requiring us to provide notice to you regarding our internal Do Not Call List, Nevada law requires that we provide you with the following contact information:

Bureau of Consumer Protection
Office of the Nevada Attorney General
555 E. Washington St., Suite 3900
Las Vegas, NV 89101

Phone number: (702) 486-3132
Email: BCPINFO@ag.state.nv.us

For California Residents – California Consumer Privacy Act Notice

The California Consumer Privacy Act of 2018 (CCPA) gives California consumers the right to know what Personal Information and Sensitive Personal Information is collected about them, and how it will be used, disclosed, and sold. The CCPA also gives California consumers the right to request access to, deletion of, and correction of their Personal Information and Sensitive Personal Information. In addition, the CCPA provides California consumers with the right to request that their Personal Information and Sensitive Personal Information not be sold or shared, the right to request limits to the use of their Sensitive Personal Information, and the right not to be discriminated against if they exercise their rights under the CCPA.

The purpose of this notice is to provide consumers with a description of our practices regarding the collection, use, disclosure, and sale of Personal Information and Sensitive Personal Information, and instructions for submitting CCPA data privacy requests.

Collection of Personal Information

The types of Personal Information and Sensitive Personal Information we collect, use, and disclose depend on your relationship with us. If the nature of your relationship with us changes, an additional privacy notice may apply and will be provided to you. The following chart provides the categories of Personal Information we have collected about California consumers in the preceding 12 months.

Types of Personal Information	Examples	Do we collect it?
Identifying information about you	Identifiers such as name, postal address, zip code, internet protocol (IP) address, email address, account name, Social Security number, driver’s license number, , or other similar identifiers	Yes
Identifying information about you	Other identifiers, including signature, physical characteristics or description, telephone number, insurance policy number, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information	Yes
Characteristics of protected classifications under California or federal law	Gender, marital status, age	Yes
Commercial information	Records of personal property, products or services purchased, obtained, or considered, driving record, claims history with other insurers, credit report information, insurance credit score, or demographic information	Yes
Internet or other electronic network activity information	Information regarding a consumer’s interaction with an internet website, application, or advertisement, browser information, such as Media Access Control address, device type, screen resolution, operating system version, and browser type and version, web analytics, including IP address, time of visit, page(s) visited, cookies, pixel tags, and other similar technologies	Yes
Audio, electronic, visual, thermal, olfactory, or similar information	Customer service call recordings	Yes
Professional or employment-related information	Employment status or history	Yes
Education information	We do not currently collect education information of CA consumers	No
Biometric information	We do not currently collect biometric information of CA consumers	No
Geolocation data	Metadata associated with videos or photographs related to your policy or a claim (such as geolocation and time that the photo or video was taken)	Yes
Inferences drawn from any of the above information to create a profile about a consumer	Consumer preferences, characteristics, trends, and behavior	Yes

Sensitive Personal Information

In addition to the categories of Personal Information above, we may also collect, use, and disclose Sensitive Personal Information about you. Sensitive Personal Information could include your driver’s license or state ID information, social security number, health data, account log-in, or precise geolocation. The type of Sensitive Personal Information we collect, use, and disclose depend on your relationship with us.

How We Collect Personal Information and Sensitive Personal Information

We collect the Personal Information and Sensitive Personal Information above from the following categories of sources:

From you and your transactions with us, such as when you request a quote for insurance, apply for insurance, pay insurance premiums (including by using our online payment and autopay functionalities), file an insurance claim, upload videos or photographs related to your policy or a claim along with any metadata that is associated with such content (such as geolocation and time that the photo or video was taken), or give us your contact information
From others, including consumer reporting agencies, insurance support organizations, and other third parties that provide us with demographic and other information
From publicly available sources, such as government records, or from information you have made public, including by posting or publishing it online

Why We Collect Personal Information and Sensitive Personal Information

We collect the Personal Information and Sensitive Personal Information above for the following purposes:

For our everyday business purposes, such as:
- To process your transactions and maintain your accounts
- To respond to your inquires and fulfill your requests
- To send you important information about your account, including changes to our terms, conditions, and policies
- To personalize your experience on our website
- To analyze our data, develop new products, monitor and enhance our website and other online destinations, improve our services, identify usage trends, and determine the effectiveness of our promotional campaigns
- To report to consumer reporting agencies and insurance support organizations
- To facilitate an audit
- To prevent or detect security incidents, fraud, and criminal activity
For our internal marketing purposes
As we believe to be necessary or appropriate: (a) under applicable law, including laws outside your country of residence; (b) to comply with legal process; (c) to respond to requests from public and government authorities, including public and government authorities outside your country of residence; (d) to enforce our terms and conditions; (e) to protect our operations or those of any of our affiliates; (f) to protect our rights, privacy, safety, or property, and/or that of our affiliates, you, or others; and (g) to allow us to pursue available remedies or limit the damages that we may sustain

We may combine the Personal Information and Sensitive Personal Information we collect for the above purposes. We will not collect additional categories of Personal Information and Sensitive Personal Information, nor use the Personal Information and Sensitive Personal Information collected for additional purposes, without providing you notice.

What Personal Information and Sensitive Personal Information We Sell or Share

We do not sell Personal Information and Sensitive Personal Information for revenue-generating purposes, including Personal Information and Sensitive Personal Information of minors under 16 years of age. Although the CCPA broadly defines “sale” and “share” to include certain transfers or disclosures of Personal Information and Sensitive Personal Information to a third party, there are a number of circumstances where the CCPA allows us to share Personal Information and Sensitive Personal Information with third parties that are not considered a sale. For example, we may share your Personal Information and Sensitive Personal Information with our service providers so that they can do work on our behalf. We may share the Personal Information and Sensitive Personal Information above for the purposes described above with the following categories of third parties:

Consumer reporting agencies
Insurance support organizations
Service providers
Claims representatives
Insurance agents
Medical-care institutions
Actuarial or research entities
Insurance regulatory authorities
Law enforcement, courts, and governmental agencies
With one or more third parties in the event of any reorganization, merger, sale, joint venture, assignment, transfer, or other disposition of all or any portion of our business, assets, or stock (including in connection with any bankruptcy or similar proceedings)
As we believe to be necessary or appropriate: (a) under applicable law, including laws outside your country of residence; (b) to comply with legal process; (c) to respond to requests from public and government authorities, including public and government authorities outside your country of residence; (d) to enforce our terms and conditions; (e) to protect our operations or those of any of our affiliates; (f) to protect our rights, privacy, safety, or property, and/or that of our affiliates, you, or others; and (g) to allow us to pursue available remedies or limit the damages that we may sustain

In addition, we may share Personal Information and Sensitive Personal Information about our former customers in the manner described above. A consumer reporting agency that gathers information about you may share this information with others who are authorized to use consumer reports as allowed by law.

All the above categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties for their own messaging or text messaging purposes

Your Rights

You have the right to request that we disclose what Personal Information and Sensitive Personal Information about you we collect, use, disclose, sell, and share.
You have the right to request that we delete any Personal Information and Sensitive Personal Information about you that we have collected from you.
You have the right to request that we correct inaccurate Personal Information and Sensitive Personal Information we have collected about you.
You have a right to opt-out of the sale or sharing of your Personal Information and Sensitive Personal Information (as defined by the CCPA).
You have the right to limit the use of Sensitive Personal Information.
You have a right not to receive discriminatory treatment by us for your exercise of your privacy rights.

How to Submit a Data Privacy Request

To submit a CCPA request, please complete email your request to privacy@csaaspecializedservices.com or call our toll-free CCPA phone number at (800) 921-5249.

In your request, please include your name, address, phone number, email address (if you have one), your relationship with CSAA Specialized Services, and the type of CCPA request(s) you are making. If you are a policyholder or claimant, please provide your policy or claim number in your request.

We will contact you if we need additional information

Verification of Your Identity

To process your CCPA request, we must be able to verify your identity to a reasonable degree of certainty. In order to do so, you must provide the required identifying information requested above in the “How to Submit a Data Privacy Request” section when submitting your CCPA request. Before we process your request, we will match data points you provide us with data points we currently maintain to verify your identity and your relationship with us. If we cannot verify your identity, we will not be able to process your request. If you are a visitor to our website who does not interact with us by, for example, requesting a quote we are unable to verify your identity to a reasonable degree of certainty because we do not maintain information that could reasonably be linked to you.

Authorized Agent

You can designate an authorized agent to make a CCPA request on your behalf. When you use an authorized agent to submit a request, you must provide the authorized agent with signed permission to do so, and, in certain circumstances, we may ask you to verify your own identity or confirm that you provided the authorized agent permission to submit the request directly with us. We may deny a request from an authorized agent that does not submit proof that they have been authorized by you to act on your behalf. Your authorized agent must implement and maintain reasonable security procedures and practices to protect your information, and must not use your personal information and Sensitive Personal Information, or any information collected from or about you, for any purpose other than to fulfill your request, for verification, or for fraud prevention.

Data Retention

We will retain your Personal Information and Sensitive Personal Information for no longer than is necessary for the purposes stated in this Privacy Policy, unless otherwise extending the retention period is required or permitted by law.

Contact for More Information

For questions or concerns about our privacy policies and practices, please contact us at privacy@csaaspecializedservices.com or (800) 921-5249.