CCPA Privacy Policy for California Residents

Last Updated: June 1, 2023

This Privacy Disclosure (“Disclosure”) describes how MassMutual Ascend Life Insurance Company and its subsidiaries (collectively, “MassMutual Ascend,” “we,” “us,” or “our,” “Company”) that are subject to the California Consumer Privacy Act (“CCPA”) handles Personal Information that is subject to the CCPA for individuals who interact with us through our websites, social media accounts, online advertisements, and mobile applications (collectively, our “Platforms”), through communications (such as mail, email, and phone), at in-person events, and through other online and offline methods.

As used in this disclosure, “Personal Information” means any information that identifies, describes, or can reasonably be associated with a particular individual.

Please note, this disclosure does not apply to Personal Information that is exempt from the CCPA, such as data subject to the Fair Credit Reporting Act (“FCRA), the federal Gramm-Leach-Bliley Act (“GLBA”), or the California Financial Information Privacy Act (collectively, “Exempt Financial Information”). Exempt Financial Information is subject to our GLBA privacy notice [https://www.massmutualascend.com/privacy-policy/policy]. This Privacy Disclosure also does not apply to other, non-financial Personal Information that is exempt from the CCPA, such as data subject to the Health Insurance Portability and Accountability Act (HIPAA), the California Confidentiality of Medical Information Act, or the Driver’s Privacy Protection Act of 1994.

MassMutual Ascend provides this Disclosure to inform you how we process Personal Information that we collect through our Platforms (defined above), through communications (such as mail or phone), at in-person meetings and events, and through other online and offline methods.

Changes: We may update this Disclosure from time to time. Any updated Disclosure will be effective when posted. Please check this Disclosure periodically for updates. If required by law, we will contact you directly to provide you with an updated Disclosure.

1. Sources of Personal Information

We collect Personal Information about you from the following sources:

A. Directly from you. We may collect Personal Information you provide to us directly, such as when you contact us through our Platforms, interact with us in person, sign up for offers or newsletters, or otherwise communicate with us.

B. Data collected automatically and through tracking technologies. We may automatically collect information or inferences about you, such as through Page 2 of 10 cookies and other tracking technologies, when you interact with our Platforms. This may include information about how you use and interact with our Platforms or otherwise interact with us, information about your device, and internet usage information. For more information, see “Section 5 – Cookies and Other Tracking Technologies.”

C. From service providers who collect information on our behalf.

D. From our affiliates and subsidiaries.

E. From MassMutual Ascend financial professionals (such as agents and brokers).

F. From third parties, such as commercial business partners, data brokers, social media companies or other parties who interact with us.

G. From publicly available sources. We may collect Personal Data about you from publicly available sources, such as public profiles and websites.

We may combine information that we receive from the various sources described in this Disclosure, including third party sources, and use or disclose it for the purposes identified below.

2. Types of Personal Information We Collect

We may collect the following types of Personal Information about you:

A. Identifiers, such as your name, email address, physical address, telephone number, and device identifiers.

B. Records about you, such as covered medical or health information, investments, estimated income, and other information that we obtain directly or from commercial data partners.

C. Protected class and demographic information, such as age (including birthdates), gender, and veteran status.

D. Commercial information, such as records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.

E. Internet or other electronic network activity information, such as your device, and how you interact with the Platforms. Data elements may include browsing history, search history, preference information (including marketing and purchasing preferences), account settings (including any default preferences), operating system, browser used, and other information about how you interact with our Platforms (such as pages on our Platforms that you have viewed).

F. Non-precise geolocation data, such as your location as derived from your IP address.

G. Audio, visual, or other sensory information, such as photographs and audio/video recordings.

H. Professional or employment-related information, such as job title, organization and other professional information.

I. Education information

J. Inferences drawn from any of the information we collect about your preferences or behavior.

K. Sensitive Personal Information, such as health information obtained from commercial data partners or inferred from your interactions with our Platforms.

3. How We Use Personal Information

We may use Personal Information for the following purposes:

A. For our internal business purposes, such as operating our Platforms and customizing the content; maintaining internal business records, such as accounting, document management and other similar activities; enforcing our policies and rules; management reporting; auditing; IT administration of our network, intranet, and other technologies; and IT security management and tasks.

B. For our internal research and business improvement purposes, such as verifying, maintaining, or improving the quality of our business (including our Platforms); evaluating the effectiveness of our advertising or marketing efforts; and debugging and repairing errors with our systems, networks, and equipment.

C. For legal, safety, or security reasons, such as complying with legal, reporting, and similar requirements; investigating and responding to claims against the Company, its personnel, its customers; and its agents and brokers, for the establishment, exercise or defense of legal claims; protecting our, your, our customers’, and other third parties’ safety, property or rights; detecting, preventing, and responding to security incidents; and protecting against malicious, deceptive, fraudulent, or illegal activity.

D. In connection with a corporate transaction, such as if we acquire, or sell or transfer all or a portion of our business or assets.

E. For marketing and targeted advertising, such as marketing our business or that of our affiliates, business partners, or other third parties (for purposes of this paragraph alone, "we" or "our" includes our affiliates, business partners, or other third parties we may be working with to provide marketing). For example, we may use Personal Information we collect to personalize advertising to you on our Platforms or third party sites and digital properties; to analyze interactions with our email communications or website areas viewed; to develop product, brand or services audiences (including by identifying you across devices/sites) to better target our advertising to you; or to send you newsletters, surveys, questionnaires, promotions, or information about events or webinars. You can unsubscribe to our email marketing via the link in the email or by contacting us using the information in the Contact Information section below.

We may use anonymized, de-identified, or aggregated information for any purpose permitted by law.

4. How We Disclose Personal Information

We may disclose Personal Information to third parties, including the categories of recipients described below. We do not “sell” Personal Information for money. We may engage in routine practices involving third parties that could be considered a "sale" (meaning a disclosure of Personal Information to a third party for consideration) or “sharing” (meaning a disclosure of Personal Information to a third party for targeted advertising purposes), as defined under the CCPA. We do not knowingly sell or share Personal Information about minors.

CCPA 2023

	Categories of Third Parties With Whom We Disclose Personal Information for a Business Purpose	Categories of Third Parties to Whom Personal Information is "Sold" or "Shared"
Identifiers (Section 2.A)	• Affiliates and subsidiaries • Professional consultants • Vendors necessary to complete transactions you request • Law enforcement, government, agencies, and other recipients for legal, security, or safety purposes • Other entities in connection with a corporate transaction • Entities to which you have consented to the disclosure	• Advertisers, ad platforms and networks, and social media platforms • Third parties whose cookies and tracking tools we use as described in Section 5 (Cookies and Tracking Technologies) • Commercial data partners to whom we make information available for their own marketing purposes • Partners who work with us on promotional or sponsorship opportunities, including co-branded products and services
Records about you (Section 2.B)	• Affiliates and subsidiaries • Professional consultants • Vendors necessary to complete transactions you request • Law enforcement, government, agencies, and other recipients for legal, security, or safety purposes • Other entities in connection with a corporate transaction • Entities to which you have consented to the disclosure	• Not sold or shared
Characteristics of protected classifications under California or federal law (Section 2.C)	• Affiliates and subsidiaries • Professional consultants • Vendors necessary to complete transactions you request • Law enforcement, government, agencies, and other recipients for legal, security, or safety purposes • Other entities in connection with a corporate transaction • Entities to which you have consented to the disclosure	• Not sold or shared
Commercial information (Section 2.D)	• Affiliates and subsidiaries • Professional consultants • Vendors necessary to complete transactions you request • Law enforcement, government, agencies, and other recipients for legal, security, or safety purposes • Other entities in connection with a corporate transaction • Entities to which you have consented to the disclosure	• Advertisers, ad platforms and networks, and social media platforms • Third parties whose cookies and tracking tools we use as described in Section 5 (Cookies and Tracking Technologies) • Commercial data partners to whom we make information available for their own marketing purposes • Partners who work with us on promotional or sponsorship opportunities, including co-branded products and services
Internet or other electronic network activity (Section 2.E)	• Affiliates and subsidiaries • Professional consultants • Vendors necessary to complete transactions you request • Law enforcement, government, agencies, and other recipients for legal, security, or safety purposes • Other entities in connection with a corporate transaction • Entities to which you have consented to the disclosure	• Advertisers, ad platforms and networks, and social media platforms • Third parties whose cookies and tracking tools we use as described in Section 5 (Cookies and Tracking Technologies) • Commercial data partners to whom we make information available for their own marketing purposes • Partners who work with us on promotional or sponsorship opportunities, including co-branded products and services
Geolocation data (Section 2.F)	• Affiliates and subsidiaries • Professional consultants • Vendors necessary to complete transactions you request • Law enforcement, government, agencies, and other recipients for legal, security, or safety purposes • Other entities in connection with a corporate transaction • Entities to which you have consented to the disclosure	• Advertisers, ad platforms and networks, and social media platforms • Third parties whose cookies and tracking tools we use as described in Section 5 (Cookies and Tracking Technologies) • Commercial data partners to whom we make information available for their own marketing purposes • Partners who work with us on promotional or sponsorship opportunities, including co-branded products and services
Audio, visual, or other sensory information (Section 2.G)	• Affiliates and subsidiaries • Professional consultants • Vendors necessary to complete transactions you request • Law enforcement, government, agencies, and other recipients for legal, security, or safety purposes • Other entities in connection with a corporate transaction • Entities to which you have consented to the disclosure	• Not sold or shared
Professional or employment-related information (Section 2.H)	• Affiliates and subsidiaries • Professional consultants • Vendors necessary to complete transactions you request • Law enforcement, government, agencies, and other recipients for legal, security, or safety purposes • Other entities in connection with a corporate transaction • Entities to which you have consented to the disclosure	• Not sold or shared
Education information (Section 2.I)	• Affiliates and subsidiaries • Professional consultants • Vendors necessary to complete transactions you request • Law enforcement, government, agencies, and other recipients for legal, security, or safety purposes • Other entities in connection with a corporate transaction • Entities to which you have consented to the disclosure	• Not sold or shared
Inferences (Section 2.J)	• Affiliates and subsidiaries • Professional consultants • Vendors necessary to complete transactions you request • Law enforcement, government, agencies, and other recipients for legal, security, or safety purposes • Other entities in connection with a corporate transaction • Entities to which you have consented to the disclosure	• Advertisers, ad platforms and networks, and social media platforms • Third parties whose cookies and tracking tools we use as described in Section 5 (Cookies and Tracking Technologies) • Commercial data partners to whom we make information available for their own marketing purposes • Partners who work with us on promotional or sponsorship opportunities, including co-branded products and services
Sensitive Personal Information (Section 2.K)	• Affiliates and subsidiaries • Professional consultants • Vendors necessary to complete transactions you request • Law enforcement, government, agencies, and other recipients for legal, security, or safety purposes • Other entities in connection with a corporate transaction • Entities to which you have consented to the disclosure	• Not Sold or shared

Our options at a glance

	Identifiers (Section 2.A)	Records about you (Section 2.B)	Characteristics of protected classifications under California or federal law (Section 2.C)	Commercial information (Section 2.D)	Internet or other electronic network activity (Section 2.E)	Geolocation data (Section 2.F)	Audio, visual, or other sensory information (Section 2.G)	Professional or employment-related information (Section 2.H)	Education information (Section 2.I)	Inferences (Section 2.J)	Sensitive Personal Information (Section 2.K)
Categories of Third Parties With Whom We Disclose Personal Information for a Business Purpose	• Affiliates and subsidiaries • Professional consultants • Vendors necessary to complete transactions you request • Law enforcement, government, agencies, and other recipients for legal, security, or safety purposes • Other entities in connection with a corporate transaction • Entities to which you have consented to the disclosure	• Affiliates and subsidiaries • Professional consultants • Vendors necessary to complete transactions you request • Law enforcement, government, agencies, and other recipients for legal, security, or safety purposes • Other entities in connection with a corporate transaction • Entities to which you have consented to the disclosure	• Affiliates and subsidiaries • Professional consultants • Vendors necessary to complete transactions you request • Law enforcement, government, agencies, and other recipients for legal, security, or safety purposes • Other entities in connection with a corporate transaction • Entities to which you have consented to the disclosure	• Affiliates and subsidiaries • Professional consultants • Vendors necessary to complete transactions you request • Law enforcement, government, agencies, and other recipients for legal, security, or safety purposes • Other entities in connection with a corporate transaction • Entities to which you have consented to the disclosure	• Affiliates and subsidiaries • Professional consultants • Vendors necessary to complete transactions you request • Law enforcement, government, agencies, and other recipients for legal, security, or safety purposes • Other entities in connection with a corporate transaction • Entities to which you have consented to the disclosure	• Affiliates and subsidiaries • Professional consultants • Vendors necessary to complete transactions you request • Law enforcement, government, agencies, and other recipients for legal, security, or safety purposes • Other entities in connection with a corporate transaction • Entities to which you have consented to the disclosure	• Affiliates and subsidiaries • Professional consultants • Vendors necessary to complete transactions you request • Law enforcement, government, agencies, and other recipients for legal, security, or safety purposes • Other entities in connection with a corporate transaction • Entities to which you have consented to the disclosure	• Affiliates and subsidiaries • Professional consultants • Vendors necessary to complete transactions you request • Law enforcement, government, agencies, and other recipients for legal, security, or safety purposes • Other entities in connection with a corporate transaction • Entities to which you have consented to the disclosure	• Affiliates and subsidiaries • Professional consultants • Vendors necessary to complete transactions you request • Law enforcement, government, agencies, and other recipients for legal, security, or safety purposes • Other entities in connection with a corporate transaction • Entities to which you have consented to the disclosure	• Affiliates and subsidiaries • Professional consultants • Vendors necessary to complete transactions you request • Law enforcement, government, agencies, and other recipients for legal, security, or safety purposes • Other entities in connection with a corporate transaction • Entities to which you have consented to the disclosure
Categories of Third Parties to Whom Personal Information is "Sold" or "Shared"	• Affiliates and subsidiaries • Professional consultants • Vendors necessary to complete transactions you request • Law enforcement, government, agencies, and other recipients for legal, security, or safety purposes • Other entities in connection with a corporate transaction • Entities to which you have consented to the disclosure	• Advertisers, ad platforms and networks, and social media platforms • Third parties whose cookies and tracking tools we use as described in Section 5 (Cookies and Tracking Technologies) • Commercial data partners to whom we make information available for their own marketing purposes • Partners who work with us on promotional or sponsorship opportunities, including co-branded products and services	• Not sold or shared	• Not sold or shared	• Advertisers, ad platforms and networks, and social media platforms • Third parties whose cookies and tracking tools we use as described in Section 5 (Cookies and Tracking Technologies) • Commercial data partners to whom we make information available for their own marketing purposes • Partners who work with us on promotional or sponsorship opportunities, including co-branded products and services	• Advertisers, ad platforms and networks, and social media platforms • Third parties whose cookies and tracking tools we use as described in Section 5 (Cookies and Tracking Technologies) • Commercial data partners to whom we make information available for their own marketing purposes • Partners who work with us on promotional or sponsorship opportunities, including co-branded products and services	• Advertisers, ad platforms and networks, and social media platforms • Third parties whose cookies and tracking tools we use as described in Section 5 (Cookies and Tracking Technologies) • Commercial data partners to whom we make information available for their own marketing purposes • Partners who work with us on promotional or sponsorship opportunities, including co-branded products and services	• Not sold or shared	• Not sold or shared	• Not sold or shared	• Advertisers, ad platforms and networks, and social media platforms • Third parties whose cookies and tracking tools we use as described in Section 5 (Cookies and Tracking Technologies) • Commercial data partners to whom we make information available for their own marketing purposes • Partners who work with us on promotional or sponsorship opportunities, including co-branded products and services	• Not Sold or shared

The categories of recipients in the chart above are used to mean:

A. Affiliates and subsidiaries, including parent entities, corporate affiliates, subsidiaries, business units, and other companies that share common ownership.

B. Professional consultants, such as accountants, lawyers, financial advisors, agents, brokers, and audit firms.

C. Vendors necessary to complete a transaction that you request, such as mailing service companies.

D. Law enforcement, government agencies, and other recipients for legal, security, or safety purposes, such as when we share information to comply with laws or legal requirements, to enforce or apply our Terms of Use, Terms of Service and other agreements or policies, and to protect ours, our customers’, or third parties' safety, property, or rights.

E. Other entities in connection with a corporate transaction, such as if we, or some or all of our assets, are acquired by another entity, including through a sale in connection with bankruptcy or other forms of corporate change.

5. Cookies and Other Tracking Technologies

Our Platforms (and authorized third parties) use cookies and other tracking technologies to collect information about you, your device, and how you interact with our Platforms. This section contains additional information about:

The types of tracking technologies we use and the purposes for which we use them
The types of information we collect using these technologies
How we disclose or make information available to others
Choices you may have regarding these technologies

A. Types of cookies and tracking technologies we use

Our Platforms and the third parties that we authorize may use the following tracking technologies:

Cookies, which are a type of technology that install a small amount of information on a user's computer or other device when they visit a website. Some cookies exist only during a single session and some are persistent over multiple sessions over time.
Pixels, web beacons, and tags, which are types of code or transparent graphics that contain a unique identifier. In addition to the uses described in Section 5.B below, these technologies provide analytical information about the user experience and help us customize our marketing activities. In contrast to cookies, which are stored on a user's computer hard drive, pixels, web beacons, and tags are embedded invisibly on web pages.
Session replay tools, which record your interactions with our Platforms, such as how you move throughout our Platforms and engage with our webforms. In addition to the uses described in Section 5.B below, this information helps us improve our Platforms and identify and fix technical issues visitors may be having with our Platforms.
Embedded scripts and Software Development Kits (“SDKs”), which allow us to build and integrate custom applications (“apps”) and experiences, some of which may be developed by a third party.

B. Purposes for Using These Technologies

We and authorized third parties use these technologies for purposes including:

Personalization, such as remembering user preferences, login details and browsing behavior; tracking your activity across online properties and platforms over time to better understand your preferences and interests; and personalizing online content;
Improving performance, such as maintaining and improving the performance of our Platforms;
Support, such as assisting customers in the event of an issue while accessing the site;
Analytics, such as analyzing how our Platforms are used. For example, we use Google Analytics to help us improve our Platforms, performance and user experiences. Google Analytics may use cookies and other tracking technologies to perform their services. To learn how Google Analytics collects and processes data, please visit: “How Google uses data when you use our partners’ sites or apps” located at www.google.com/policies/privacy/partners; and
Advertising, such as providing you with offers that may be of interest to you; conducting targeted advertising to you on our Platforms and those of third parties; and measuring the effectiveness of our communications with you and advertising campaigns, including identifying how and when you engage with our communications.

C. Personal Information Collected

These tracking technologies collect data about you and your device, such as your IP address, cookie ID, device ID, AdID, operating system, browser used, browser history, search history, and information about how you interact with our Platforms (such as pages on our Platforms that you have viewed, including your specific mouse movements, page clicks, and other session replay information).

D. Disclosures of Personal Information

We may disclose information to third parties or allow third parties to directly collect information using these technologies on our Platforms such as social media companies, advertising networks, companies that facilitate session replay recordings and analysis, companies that provide analytics including ad tracking and reporting, security providers, and others that help us operate our business and Platforms.

E. Your Choices

You can refuse or delete cookies using your browser settings. If you refuse or delete cookies, some of our Platforms’ functionality may be impaired. Please refer to your browser’s Help instructions to learn more about how to manage cookies and the use of other tracking technologies. If you change computers, devices, or browsers; use multiple computers, devices, or browsers; or delete your cookies, you may need to repeat this process for each computer, device, or browser.

Some browsers have incorporated Do Not Track (“DNT”) preferences. We do not currently honor such signals.

6. Data Retention

Our Business Records Management Policy establishes and maintains Company policies and procedures governing the creation, retention, storage, and disposition of corporate records and information, provided that such information to be delete or destroyed is not subject to regulatory requirement to retain it or a legal hold. We retain corporate records for the minimum time period required by law or regulation and/or for a longer period of time consistent with business needs. We determine retention periods for corporate record information using both legal/regulatory citations and business requirements. CCPA rights request records are subject to a two year retention period as required by California law

7. Data Subject Rights

California consumers may have certain rights, subject to legal limitations, regarding the collection, use, and sharing of Personal Information under the CCPA, such as:

Right to Know. You may request information about the categories of Personal Information we have collected about you; the categories of sources from which we collected the Personal Information; the purposes for collecting, selling, or sharing the Personal Information; and to whom we have disclosed your Personal Information and why. You may also request the specific pieces of Personal Information we have collected about you
Right to Delete. You may request that we delete Personal Information that we have collected from you.
Right to Correct. You may request that we correct inaccurate Personal Information that we maintain about you.
Right to Limit Sensitive Personal Information Processing. We generally only use Sensitive Personal Information that is subject to the CCPA for the following purposes: (i) performing services or providing goods reasonably expected by an average consumer; (ii) detecting security incidents; (iii) resisting malicious, deceptive, or illegal actions; (iv) ensuring the physical safety of individuals; (v) for short-term, transient use, including non-personalized advertising; (vi) performing or providing internal business services; (vii) verifying or maintaining the quality or safety of a service or device; or (viii) for purposes that do not infer characteristics about you. In limited circumstances, you may have the right to limit our processing of your Sensitive Personal Information.
Right to Opt Out of Sale/Sharing. You may request to opt out from the sale or sharing of your Personal Information. We do not knowingly sell or share personal information of minors under the age of 16.

You may exercise a Right to Know, Right to Delete and Right to Correct request via our webform at https://www.massmutualascend.com/privacy-policy or call us at 1-888-595- 6918.

You may exercise your preferences and learn about the Right to Opt-Out of Sale/Sharing by visiting https://www.massmutualascend.com/privacy-requests. To the extent required by law, we will honor opt-out preference signals sent in a format commonly used and recognized by businesses, such as an HTTP header field or JavaScript object. We will process opt-out preference signals at the browser level.

Non-Discrimination: We will not discriminate against you in any manner prohibited by law for exercising your privacy rights.

Verification: In order to process requests, we may need to obtain information to locate you in our records or verify your identity using reasonable methods. For Right to Know, Right to Delete, Right to Correct, and Right to Limit Processing of Sensitive Personal Information, we will collect some or all of the following data elements: Name, Date of Birth and part of your Social Security Number, email addresses, phone number, and home address. In some cases, we may ask for more or different information if needed to verify you. We may also use a third party identify verification and fraud prevention service that will present you with additional knowledge-based questions. When it comes to identity verification, our third party verification and fraud prevention service only tells us whether your identity was verified and we do not use this information for any other purpose. We will not store or use the answers to such questions for any other purpose.

Authorized Agents: Authorized agents may exercise rights on behalf of consumers by submitting a request via our online webform located at https://www.massmutualascend.com/privacy-policy and indicating that they are submitting the request as an agent. Agents should provide their own information to verify the agent’s identity, after which we will contact the agent with additional instructions to complete the submission process on behalf of a consumer. We may require agents to demonstrate authority to act on behalf of a consumer by providing signed permission and may require consumers to directly verify their identity with us using the methods described above.

Timing: We will respond to Right to Know, Right to Delete, and Right to Correct requests within 45 days, unless we need more time. If more time is needed, we will notify you of that fact and we may take up to 90 days total to respond to your request.

8. Contact Information

If you have questions regarding this Privacy Disclosure or how MassMutual Ascend uses your Personal Information, please contact us at 1-888-595-6918 or email us at [email protected].