This Privacy Disclosure (“Disclosure”) describes how MassMutual Ascend Life Insurance Company and its subsidiaries (collectively, “MassMutual Ascend,” “we,” “us,” or “our,” “Company”) that are subject to the California Consumer Privacy Act (“CCPA”) handles Personal Information that is subject to the CCPA for individuals who interact with us through our websites, social media accounts, online advertisements, and mobile applications (collectively, our “Platforms”), through communications (such as mail, email, and phone), at in-person events, and through other online and offline methods.
As used in this disclosure, “Personal Information” means any information that identifies, describes, or can reasonably be associated with a particular individual.
Please note, this disclosure does not apply to Personal Information that is exempt from the CCPA, such as data subject to the Fair Credit Reporting Act (“FCRA), the federal Gramm-Leach-Bliley Act (“GLBA”), or the California Financial Information Privacy Act (collectively, “Exempt Financial Information”). Exempt Financial Information is subject to our GLBA privacy notice [https://www.massmutualascend.com/privacy-policy/policy]. This Privacy Disclosure also does not apply to other, non-financial Personal Information that is exempt from the CCPA, such as data subject to the Health Insurance Portability and Accountability Act (HIPAA), the California Confidentiality of Medical Information Act, or the Driver’s Privacy Protection Act of 1994.
MassMutual Ascend provides this Disclosure to inform you how we process Personal Information that we collect through our Platforms (defined above), through communications (such as mail or phone), at in-person meetings and events, and through other online and offline methods.
Changes: We may update this Disclosure from time to time. Any updated Disclosure will be effective when posted. Please check this Disclosure periodically for updates. If required by law, we will contact you directly to provide you with an updated Disclosure.
1. Sources of Personal Information
We collect Personal Information about you from the following sources:
A. Directly from you. We may collect Personal Information you provide to us directly, such as when you contact us through our Platforms, interact with us in person, sign up for offers or newsletters, or otherwise communicate with us.
B. Data collected automatically and through tracking technologies. We may automatically collect information or inferences about you, such as through Page 2 of 10 cookies and other tracking technologies, when you interact with our Platforms. This may include information about how you use and interact with our Platforms or otherwise interact with us, information about your device, and internet usage information. For more information, see “Section 5 – Cookies and Other Tracking Technologies.”
C. From service providers who collect information on our behalf.
D. From our affiliates and subsidiaries.
E. From MassMutual Ascend financial professionals (such as agents and brokers).
F. From third parties, such as commercial business partners, data brokers, social media companies or other parties who interact with us.
G. From publicly available sources. We may collect Personal Data about you from publicly available sources, such as public profiles and websites.
We may combine information that we receive from the various sources described in this Disclosure, including third party sources, and use or disclose it for the purposes identified below.
2. Types of Personal Information We Collect
We may collect the following types of Personal Information about you:
A. Identifiers, such as your name, email address, physical address, telephone number, and device identifiers.
B. Records about you, such as covered medical or health information, investments, estimated income, and other information that we obtain directly or from commercial data partners.
C. Protected class and demographic information, such as age (including birthdates), gender, and veteran status.
D. Commercial information, such as records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
E. Internet or other electronic network activity information, such as your device, and how you interact with the Platforms. Data elements may include browsing history, search history, preference information (including marketing and purchasing preferences), account settings (including any default preferences), operating system, browser used, and other information about how you interact with our Platforms (such as pages on our Platforms that you have viewed).
F. Non-precise geolocation data, such as your location as derived from your IP address.
G. Audio, visual, or other sensory information, such as photographs and audio/video recordings.
H. Professional or employment-related information, such as job title, organization and other professional information.
I. Education information
J. Inferences drawn from any of the information we collect about your preferences or behavior.
K. Sensitive Personal Information, such as health information obtained from commercial data partners or inferred from your interactions with our Platforms.
3. How We Use Personal Information
We may use Personal Information for the following purposes:
A. For our internal business purposes, such as operating our Platforms and customizing the content; maintaining internal business records, such as accounting, document management and other similar activities; enforcing our policies and rules; management reporting; auditing; IT administration of our network, intranet, and other technologies; and IT security management and tasks.
B. For our internal research and business improvement purposes, such as verifying, maintaining, or improving the quality of our business (including our Platforms); evaluating the effectiveness of our advertising or marketing efforts; and debugging and repairing errors with our systems, networks, and equipment.
C. For legal, safety, or security reasons, such as complying with legal, reporting, and similar requirements; investigating and responding to claims against the Company, its personnel, its customers; and its agents and brokers, for the establishment, exercise or defense of legal claims; protecting our, your, our customers’, and other third parties’ safety, property or rights; detecting, preventing, and responding to security incidents; and protecting against malicious, deceptive, fraudulent, or illegal activity.
D. In connection with a corporate transaction, such as if we acquire, or sell or transfer all or a portion of our business or assets.
E. For marketing and targeted advertising, such as marketing our business or that of our affiliates, business partners, or other third parties (for purposes of this paragraph alone, "we" or "our" includes our affiliates, business partners, or other third parties we may be working with to provide marketing). For example, we may use Personal Information we collect to personalize advertising to you on our Platforms or third party sites and digital properties; to analyze interactions with our email communications or website areas viewed; to develop product, brand or services audiences (including by identifying you across devices/sites) to better target our advertising to you; or to send you newsletters, surveys, questionnaires, promotions, or information about events or webinars. You can unsubscribe to our email marketing via the link in the email or by contacting us using the information in the Contact Information section below.
We may use anonymized, de-identified, or aggregated information for any purpose permitted by law.
4. How We Disclose Personal Information
We may disclose Personal Information to third parties, including the categories of recipients described below. We do not “sell” Personal Information for money. We may engage in routine practices involving third parties that could be considered a "sale" (meaning a disclosure of Personal Information to a third party for consideration) or “sharing” (meaning a disclosure of Personal Information to a third party for targeted advertising purposes), as defined under the CCPA. We do not knowingly sell or share Personal Information about minors.
||Identifiers (Section 2.A)||Records about you (Section 2.B)||Characteristics of protected classifications under California or federal law (Section 2.C)||Commercial information (Section 2.D)||Internet or other electronic network activity (Section 2.E)||Geolocation data (Section 2.F)||Audio, visual, or other sensory information (Section 2.G)||Professional or employment-related information (Section 2.H)||Education information (Section 2.I)||Inferences (Section 2.J)||Sensitive Personal Information (Section 2.K)|
|Categories of Third Parties With Whom We Disclose Personal Information for a Business Purpose||• Affiliates and subsidiaries • Professional consultants • Vendors necessary to complete transactions you request • Law enforcement, government, agencies, and other recipients for legal, security, or safety purposes • Other entities in connection with a corporate transaction • Entities to which you have consented to the disclosure||• Affiliates and subsidiaries • Professional consultants • Vendors necessary to complete transactions you request • Law enforcement, government, agencies, and other recipients for legal, security, or safety purposes • Other entities in connection with a corporate transaction • Entities to which you have consented to the disclosure||• Affiliates and subsidiaries • Professional consultants • Vendors necessary to complete transactions you request • Law enforcement, government, agencies, and other recipients for legal, security, or safety purposes • Other entities in connection with a corporate transaction • Entities to which you have consented to the disclosure|
|Categories of Third Parties to Whom Personal Information is "Sold" or "Shared"||• Advertisers, ad platforms and networks, and social media platforms • Third parties whose cookies and tracking tools we use as described in Section 5 (Cookies and Tracking Technologies) • Commercial data partners to whom we make information available for their own marketing purposes • Partners who work with us on promotional or sponsorship opportunities, including co-branded products and services||• Not sold or shared||• Not sold or shared||• Advertisers, ad platforms and networks, and social media platforms • Third parties whose cookies and tracking tools we use as described in Section 5 (Cookies and Tracking Technologies) • Commercial data partners to whom we make information available for their own marketing purposes • Partners who work with us on promotional or sponsorship opportunities, including co-branded products and services||• Advertisers, ad platforms and networks, and social media platforms • Third parties whose cookies and tracking tools we use as described in Section 5 (Cookies and Tracking Technologies) • Commercial data partners to whom we make information available for their own marketing purposes • Partners who work with us on promotional or sponsorship opportunities, including co-branded products and services||• Not sold or shared||• Not sold or shared||• Not sold or shared||• Not Sold or shared|
The categories of recipients in the chart above are used to mean:
A. Affiliates and subsidiaries, including parent entities, corporate affiliates, subsidiaries, business units, and other companies that share common ownership.
B. Professional consultants, such as accountants, lawyers, financial advisors, agents, brokers, and audit firms.
C. Vendors necessary to complete a transaction that you request, such as mailing service companies.
E. Other entities in connection with a corporate transaction, such as if we, or some or all of our assets, are acquired by another entity, including through a sale in connection with bankruptcy or other forms of corporate change.
5. Cookies and Other Tracking Technologies
- The types of tracking technologies we use and the purposes for which we use them
- The types of information we collect using these technologies
- How we disclose or make information available to others
- Choices you may have regarding these technologies
A. Types of cookies and tracking technologies we use
Our Platforms and the third parties that we authorize may use the following tracking technologies:
- Cookies, which are a type of technology that install a small amount of information on a user's computer or other device when they visit a website. Some cookies exist only during a single session and some are persistent over multiple sessions over time.
- Pixels, web beacons, and tags, which are types of code or transparent graphics that contain a unique identifier. In addition to the uses described in Section 5.B below, these technologies provide analytical information about the user experience and help us customize our marketing activities. In contrast to cookies, which are stored on a user's computer hard drive, pixels, web beacons, and tags are embedded invisibly on web pages.
- Session replay tools, which record your interactions with our Platforms, such as how you move throughout our Platforms and engage with our webforms. In addition to the uses described in Section 5.B below, this information helps us improve our Platforms and identify and fix technical issues visitors may be having with our Platforms.
- Embedded scripts and Software Development Kits (“SDKs”), which allow us to build and integrate custom applications (“apps”) and experiences, some of which may be developed by a third party.
B. Purposes for Using These Technologies
We and authorized third parties use these technologies for purposes including:
- Personalization, such as remembering user preferences, login details and browsing behavior; tracking your activity across online properties and platforms over time to better understand your preferences and interests; and personalizing online content;
- Improving performance, such as maintaining and improving the performance of our Platforms;
- Support, such as assisting customers in the event of an issue while accessing the site;
- Advertising, such as providing you with offers that may be of interest to you; conducting targeted advertising to you on our Platforms and those of third parties; and measuring the effectiveness of our communications with you and advertising campaigns, including identifying how and when you engage with our communications.
C. Personal Information Collected
These tracking technologies collect data about you and your device, such as your IP address, cookie ID, device ID, AdID, operating system, browser used, browser history, search history, and information about how you interact with our Platforms (such as pages on our Platforms that you have viewed, including your specific mouse movements, page clicks, and other session replay information).
D. Disclosures of Personal Information
We may disclose information to third parties or allow third parties to directly collect information using these technologies on our Platforms such as social media companies, advertising networks, companies that facilitate session replay recordings and analysis, companies that provide analytics including ad tracking and reporting, security providers, and others that help us operate our business and Platforms.
E. Your Choices
You can refuse or delete cookies using your browser settings. If you refuse or delete cookies, some of our Platforms’ functionality may be impaired. Please refer to your browser’s Help instructions to learn more about how to manage cookies and the use of other tracking technologies. If you change computers, devices, or browsers; use multiple computers, devices, or browsers; or delete your cookies, you may need to repeat this process for each computer, device, or browser.
Some browsers have incorporated Do Not Track (“DNT”) preferences. We do not currently honor such signals.
6. Data Retention
Our Business Records Management Policy establishes and maintains Company policies and procedures governing the creation, retention, storage, and disposition of corporate records and information, provided that such information to be delete or destroyed is not subject to regulatory requirement to retain it or a legal hold. We retain corporate records for the minimum time period required by law or regulation and/or for a longer period of time consistent with business needs. We determine retention periods for corporate record information using both legal/regulatory citations and business requirements. CCPA rights request records are subject to a two year retention period as required by California law
7. Data Subject Rights
California consumers may have certain rights, subject to legal limitations, regarding the collection, use, and sharing of Personal Information under the CCPA, such as:
- Right to Know. You may request information about the categories of Personal Information we have collected about you; the categories of sources from which we collected the Personal Information; the purposes for collecting, selling, or sharing the Personal Information; and to whom we have disclosed your Personal Information and why. You may also request the specific pieces of Personal Information we have collected about you
- Right to Delete. You may request that we delete Personal Information that we have collected from you.
- Right to Correct. You may request that we correct inaccurate Personal Information that we maintain about you.
- Right to Limit Sensitive Personal Information Processing. We generally only use Sensitive Personal Information that is subject to the CCPA for the following purposes: (i) performing services or providing goods reasonably expected by an average consumer; (ii) detecting security incidents; (iii) resisting malicious, deceptive, or illegal actions; (iv) ensuring the physical safety of individuals; (v) for short-term, transient use, including non-personalized advertising; (vi) performing or providing internal business services; (vii) verifying or maintaining the quality or safety of a service or device; or (viii) for purposes that do not infer characteristics about you. In limited circumstances, you may have the right to limit our processing of your Sensitive Personal Information.
- Right to Opt Out of Sale/Sharing. You may request to opt out from the sale or sharing of your Personal Information. We do not knowingly sell or share personal information of minors under the age of 16.
You may exercise a Right to Know, Right to Delete and Right to Correct request via our webform at https://www.massmutualascend.com/privacy-policy or call us at 1-888-595- 6918.
Non-Discrimination: We will not discriminate against you in any manner prohibited by law for exercising your privacy rights.
Verification: In order to process requests, we may need to obtain information to locate you in our records or verify your identity using reasonable methods. For Right to Know, Right to Delete, Right to Correct, and Right to Limit Processing of Sensitive Personal Information, we will collect some or all of the following data elements: Name, Date of Birth and part of your Social Security Number, email addresses, phone number, and home address. In some cases, we may ask for more or different information if needed to verify you. We may also use a third party identify verification and fraud prevention service that will present you with additional knowledge-based questions. When it comes to identity verification, our third party verification and fraud prevention service only tells us whether your identity was verified and we do not use this information for any other purpose. We will not store or use the answers to such questions for any other purpose.
Authorized Agents: Authorized agents may exercise rights on behalf of consumers by submitting a request via our online webform located at https://www.massmutualascend.com/privacy-policy and indicating that they are submitting the request as an agent. Agents should provide their own information to verify the agent’s identity, after which we will contact the agent with additional instructions to complete the submission process on behalf of a consumer. We may require agents to demonstrate authority to act on behalf of a consumer by providing signed permission and may require consumers to directly verify their identity with us using the methods described above.
Timing: We will respond to Right to Know, Right to Delete, and Right to Correct requests within 45 days, unless we need more time. If more time is needed, we will notify you of that fact and we may take up to 90 days total to respond to your request.
8. Contact Information
If you have questions regarding this Privacy Disclosure or how MassMutual Ascend uses your Personal Information, please contact us at 1-888-595-6918 or email us at [email protected].