Notice at Collection - California


The notice at collection was last updated: 10-21-2024


This notice addresses the California Consumer Privacy Act (CCPA) requirement, as amended by California Privacy Rights Act, (CPRA) that a business that collects personal information from a California consumer shall, at or before the point of collection, inform consumers as to the (1) categories of personal information to be collected from the consumer; (2) the purposes for which the categories of personal information are collected or used; (3) whether the information is sold or shared; (4) the length of time Granite Re intends to retain each category of personal information; and (5) the criteria used to determine the length of time Granite Re will retain the categories of personal information. See CCPA §1798.100.


This Notice only applies to California residents ("consumer" or "you").


Granite Re is a business that collects California consumers’ personal information. The categories of information and purposes for which the categories of information will be collected or used, as well as the retention periods for the categories vary depending upon the reason Granite is collecting personal information from you. This Notice is provided to you because Granite is collecting information from you in connection with the preparing, offering or providing of an insurance product or service, or handling a claim involving you.


The categories of personal information we may collect from you may include the following information if it identifies you or could reasonably be used, either alone or in combination with other data, to identify you:


  • Personal Identifiers: such as a real name, signature, physical characteristics, physical description, alias, postal address, unique personal identifier, online identifier, IP address, email address, account name, telephone number, passport number, social security number, driver’s license or state identification card number.
  • Financial Identifiers: such as insurance policy number, bank account number, credit card number, debit card number, or any other financial information.
  • Medical Information: such as health insurance or medical information, unique personal identifier for health insurance, online identifier, account name, or other similar identifiers.
  • Education Information: such as education history, employment or professional history, education information, as defined in FERPA, which is not publicly available information.
  • Protected Classifications: under California or federal law, including: age, race, color, sex, creed, gender, sexual orientation and identity, national origin, disability, immigration status, citizenship status, marital status, military or veteran status.
  • Commercial Information: including records of personal property and products or services purchased, obtained, or considered.
  • Internet or Other Electronic Network Activity Information: including, but not limited to, search history, and information regarding a consumer’s interaction with Granite's Internet Web sites, or applications.
  • Audio, electronic, or similar information.

NOTE: Personal Information does not include publicly available information, which means information that is lawfully made available from federal, state, or local government records nor de-identified or aggregate consumer information.


Granite collects and uses the categories of personal information we collect from you for the following purposes:


  • To provide products and services that are requested
    • including , underwriting, maintaining and servicing accounts, providing customer services, processing or fulfilling requests and transactions, verifying customer information, processing payments, administering changes or amendments to existing products and services, processing claims, providing advertising or marketing services, providing analytic services, or providing similar services, and for Granite’s operational purposes which are reasonably necessary and proportionate to achieve the purpose for which the information was originally collected or for another purpose that is compatible with the context in which the personal information was collected.
  • To recommend additional insurance or risk management products or services, based upon the information provided as well as Granite’s understanding of your insurance needs.
  • Helping to ensure security and integrity to the extent the use of the consumer's personal information is necessary and proportionate for these purposes.
  • Debugging to identify and repair errors that impair existing intended functionality.
  • Undertaking activities to verify or maintain the quality or safety of a service or product that is developed or provided by Granite, and to improve, upgrade, or enhance any service or product that is developed or provided by Granite.
  • Auditing related to compliance with the CCPA and other standards.
  • Undertaking internal research for technological development and demonstration.
  • Advancing Granite’s lawful commercial or economic interests.

For other legitimate purposes.


Please note that Granite does not sell or share your personal information.


Granite retains each category of personal information described above for varying lengths of time. Retention periods depend on the specific purposes for which we use or collect your information as well as legal retention requirements. For example, we keep all categories of personal information, in order to properly process a claim made against a policy. The period during which we keep the information will depend upon how long the claims process takes as well as retention required by other relevant law. Since it is not possible to describe retention periods for each category of personal information, we apply the following criteria in determining the retention period:


  • How long the policy coverage is in force and any additional time in which a claim may be brought.
  • Legal requirements (including, but not limited to statutes of limitation and laws regarding audits of insurance companies) that require us to maintain the personal information.
  • Whether there is threatened or ongoing litigation, mediation or arbitration involving the personal information.
  • Whether the personal information is the subject of a valid court order or law enforcement directive to retain.
  • Retention to exercise or defend legal claims.
  • Compliance with federal, state, or local laws.

Granite does not retain a consumer's personal information for longer than is reasonably necessary for each disclosed purpose.


Our Privacy Policy can be found at: www.granitere.com/privacy-policy. Persons with a disability can receive alternate formats of this Notice by emailing consumerdatarequest@fedins.com or via download.


Privacy Contacts


If you have specific questions about your rights or about this notice, you may contact us at:

  • Phone TOLL-FREE: 1-800-533-0472 and ask to speak to the Privacy Officer
  • Postal Address:

    Federated Mutual Insurance Company
    Attn: Privacy Official - Legal
    121 East Park Square
    Owatonna, MN 55060