Privacy Statement
AFCO Statement on Privacy
AFCO CREDIT CORPORATION
AFCO ACCEPTANCE CORPORATION
(Collectively "AFCO")
AFCO cares deeply about the privacy and security of our clients’ personal information, and protecting your information is consistent with our purpose, mission, and values. We believe it is helpful to have an overview of how this commitment is applied as AFCO collects, uses, and protects your personal information when you visit us online or on our applications.
AFCO Statement of Online Privacy Practices
Updated December 2022
What this policy covers
This AFCO Statement of Online Privacy Practices (“Privacy Policy”) describes how we collect information when you visit or use AFCO’s websites and other online services (“Online Services”) that link to this Privacy Policy. It also describes how we use and share such information and explains your privacy rights and choices. Our Online Services are intended for a U.S. audience. The terms “AFCO,” “we,” “us,” or “our” mean AFCO Credit Corporation and AFCO Acceptance Corporation. “You” means an individual who visits our Online Services and does not refer to a business or other entity or to individuals outside the U.S.
AFCO’s business address is AFCO Credit Corporation, 5600 North River Road, Suite 400, Rosemont, IL 60018-5187, USA. Our Client Contact Center may be reached at 800-288-6901.
What this policy does not cover
This Privacy Policy does not apply to the websites or services of AFCO’s businesses and affiliates that do not directly link to this policy. Some AFCO businesses and affiliates have their own privacy policies, which can be found on their websites. It also does not apply to non-AFCO companies, such as third-party websites to which we link online. Please review the privacy policies of other websites and services you visit to understand their privacy practices.
What information we collect
When you visit an AFCO website, application, or otherwise interact with us online, we may collect the following information:
Your browser type (e.g., Google Chrome, Microsoft Edge, Apple Safari, Mozilla Firefox)
Your Internet Protocol or “IP” address (Your IP address is a number that is automatically assigned to your device by your Internet Service Provider. An IP address is identified and logged automatically whenever you visit a site, along with the time of the visit and the page(s) that were visited)
The presence of any software on your device that may be necessary to view our site
Configuration information about the device you are using, including, but not limited to, your device type, web browser type and version, operating system type and version, display/screen settings, language preferences
Personal information submitted on applications, forms, and onsite electronic messaging. Types of personal information typically include:
Name
Address
Telephone number
Account numbers and account information
Usernames
Passwords and other authentication information like PINs, security questions, and other secure sign-on methods*
Search engine traffic referral information
Transactional information from behind the secure login about your relationship with us
How do we use the information we collect?
The information we collect online helps AFCO to:
Effectively manage your account:
Ensure your identity and protect the security of your personal and account information from unauthorized access
Process transactions on your account
Respond to questions
Fulfill regulatory requirements
Analyze our site usage and enhance the user's experience:
Diagnose server problems
Alert users of any possible software compatibility issues
Help us make decisions about how various technologies are used and identify usage trends
Make business decisions:
Analyze data and credit risk
Conduct audits
Develop and improve products and services
Carry out other day-to-day business operations, such as to comply with applicable laws; perform compliance activities; and engage in human resources activities
Prevent and detect fraud
Protect against risks to security
Monitor network activity logs
Detect security incidents and conduct data security investigations
Protect against malicious, deceptive, fraudulent, or illegal activity
We only use personal information that we have about you when we have a legal basis to use such personal information under applicable data protection laws.
How do we share the information we collect?
AFCO shares your information in different ways as permitted and required by law. For example, we may share your information with:
Affiliates and other entities in the AFCO family
Businesses with which we partner to offer products and services for our clients or prospective customers, such as bill pay partners
Service providers that provide various services to us, such as those we use to help detect and prevent fraud and improve our online services
Government entities and other third parties as needed for legal or similar purposes, such as:
To respond to requests from our regulators
To respond to a warrant, subpoena, governmental audit or investigation, law enforcement request, legal order, or other legal process
To facilitate a merger, acquisition, sale, bankruptcy, or other disposition of some or all of our assets
To exercise or defend legal claims
Please see the AFCO Consumer Privacy Notice (Link) for more information on how your personal information may be shared and how you may be able to limit certain types of sharing.
Please note, we may also share aggregated and de-identified data, such as aggregated statistics regarding product usage, with third parties.
We reserve the right to transfer personal information we have about you in the event we sell or transfer all or a portion of our business or assets (including, without limitation, in the event of a reorganization, dissolution, or liquidation).
Visiting the AFCO website from outside the United States
If you are visiting the AFCO website, please be aware that your personal information may be transferred to, or stored and processed in, the United States. We will rely on legally provided mechanisms (e.g., derogations such as performance of a contract) to lawfully transfer personal data across borders.
Retention period
We store your personal information as long as it is required to meet our contractual and legal obligations, or if we have a legitimate business need to do so.
Technologies we use
AFCO may employ various technologies to collect information, including:
Cookies: Cookies are pieces of information stored directly on your device. Cookies provide information that is used for security purposes, to facilitate navigation, to display information more effectively, and to personalize/customize your online experience. The cookies AFCO uses do not collect or store any personally identifiable information about you. AFCO uses persistent cookies to learn how visitors use our site, such as which pages are viewed the most, to identify the most common navigation paths, or to customize the presentation of information on the site. AFCO also uses session cookies to assist in delivering some online transactions. Session cookies are no longer active after you log off the service that initiated them, and all session cookies are automatically deleted when you close all browser windows.
Marketing pixels, web beacons, clear GIFs, or other technologies: This technology may be placed on certain pages of our website, applications, emails, and other marketing initiatives. These tags usually work in conjunction with cookies and allow us to measure the effectiveness of our site and compile statistics about usage and response rates.
Firewalls, passcodes, data encryption, and other safety features: AFCO uses these technologies to ensure that the information you provide us remains secure.
Third-party plugins. Other companies may have plugins that appear on certain pages of our website or applications. Some of these, for example, may be from social media companies (e.g., the Facebook “Like” button). These plugins may collect information, such as information about the pages you visit, and share it with the company that created the plugin even if you do not click on the plugin. These third-party plugins and the way they operate are governed by the privacy policies and terms of the companies that created them.
Interacting with AFCO online
Third-party aggregation services and tools
Aggregation allows you to gather information from many websites and view that information in a consolidated format. An example of why you might use a third-party aggregation tool is if you wanted a comprehensive view of assets and liabilities held within your financial accounts. If you provide information about your AFCO accounts (including your access information) to an aggregation service provider, we will consider that as your having authorized all transactions initiated by that aggregation site. AFCO reserves the right to disable aggregation for any account without notice. If you wish to cancel your third-party aggregation services, you should also change your AFCO password.
Social media
Given the very public nature of social media, it is critical that we all safeguard confidential financial information. If you post information on a AFCO site that we feel should be shielded from public view, we will remove it. This includes not only specific details about your AFCO accounts and other private, confidential information (such as your Social Security number), but details of information relayed in private conversations between you and AFCO representatives. Please know that in taking down or editing your posts, we are focusing our experience and best judgment to keep your personal information safe.
Email transmitted across the internet is normally not protected and may be intercepted and viewed by others. Therefore, you should refrain from sending any confidential or private information via unsecured email to AFCO. We'll never ask you to send confidential information to us via email, such as your logon ID, password, full account numbers, or Social Security number.
Occasionally, we will retain the content of your email—and our replies—to confirm proper responses to your questions and requests, to comply with legal and regulatory requirements, and to ensure that we consistently deliver an enjoyable client experience to you.
Linking to other sites
AFCO may provide links to non-AFCO companies, such as merchants, and will notify you when leaving the AFCO site. If you choose to link to websites not controlled by AFCO, we are not responsible for the privacy or security of these sites, including the accuracy, completeness, reliability or suitability of their information. If you are asked to provide information on one of these sites, we urge you to carefully study their privacy policies before sharing.
Control your online and other privacy preferences
In summary, the following links can help you to customize and control your privacy preferences when interacting with AFCO online:
Do Not Track
We do not currently respond to browser “do not track” signals or other mechanisms that allow you to tell websites you do not want to have online activities tracked.
Protecting your children
AFCO strictly follows the federal guidelines of the Children’s Online Privacy Protection Act (COPPA), which gives parents control over what type of information is collected online about their children. We do not knowingly collect, maintain, or use personally identifiable information from children under age 13 on our websites. We are not responsible for the data collection and use practices of nonaffiliated third parties that are linked from our websites. Visit the Federal Trade Commission’s COPPA Website (link) for more information.
Security
To protect personal information from unauthorized access and use, we use security measures that comply with applicable federal and state laws. These measures may include device safeguards and secured files and buildings as well as oversight of our third- party service providers to ensure information remains confidential and secure.
Making sure your information is accurate, and individual rights
Keeping your account information accurate and up to date is very important. If your account information is incomplete, inaccurate or not current, please call or write to us at the telephone numbers or appropriate address for changes listed on your account statements, records, online or other account materials. You can also speak to a client representative at 800-624-2206 and select Option #2.
We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws. We will ask you to verify your identity in order to help us respond efficiently to your request. Consumers may also exercise their consumer rights under the California Consumer Privacy Act (CCPA) (link).
Under non-U.S. data protection laws, you may have the right to complain to a data protection authority about our collection and use of your personal information.
Online privacy practices updates
AFCO’s Online Privacy Practices may be revised from time to time, so please review them periodically. Any changes will become effective when we post the revised Practices on the site (Please note the effective date listed at the top of this page). If we revise our Online Privacy Practices in a material way, we will provide a conspicuous notice on our website when any changes take effect.
Contact us
If you have any questions or comments on our Online Privacy Practices, please contact us by (1) calling 800-288-2313 and selecting the Privacy Specialist option; or (2) emailing AFCO-Compliance@afco.com.
CCPA Privacy Notice / Notice At Collection
Last Updated June 2023
Maintaining the privacy and security of your personal information is AFCO Credit Corporation’s and AFCO Acceptance Corporation’s (collectively referred to as “AFCO”) highest priority. In doing so, we want to provide transparency regarding how and why your data is collected, how it is used, with whom it may be shared, and how long it is kept. This notice, as well as AFCO’s Consumer Privacy Notice on the AFCO Privacy Notice and Statement of Online Privacy Practices [AFCO Statement of Online Privacy Practices] informs consumers how we will interact with your personal information.
The purpose of this Notice at Collection and CCPA Privacy Notice (“Notice”) is to provide you with timely notice, at or before the point of collection, of the details about our practices concerning the privacy of your personal information. This Notice is directed to consumers who reside in the state of California (“consumers” or “you”) and relates to personal information covered by the California Consumer Privacy Act (CCPA). Specifically, this Notice provides comprehensive information about our online and offline practices, along with details concerning how you may exercise your California privacy rights and make requests to access, correct or delete the information that AFCO holds about you. We will not collect additional categories of personal information without providing you a new Notice at Collection disclosing these categories.
Please note that AFCO adheres to an exemption within the CCPA for data collected pursuant to the Gramm-Leach-Bliley Act (GLBA). This Notice and the rights described do not apply to information we collect when you apply for or obtain our financial products and services for personal, family, or household purposes, which is subject to our AFCO Privacy Notice.
Personal Information Collected and Purpose for Collection
The following charts provide specifics about AFCO’s practices related to the collection, use and selling or sharing of personal information:
General Personal Information
Categories of Personal Information Collected & Disclosed |
Purpose for Collection |
Purpose for Disclosure |
A. Identifiers: For example, real name or alias, address, online identifier, IP address, email address, account name, SSN, driver’s license number, passport number, or other similar identifiers. |
-Deliver, manage, and support products and services, manage relationships, and maintain accounts -Manage fraud and financial crimes -Meet legal, regulatory, or compliance requirements |
-Deliver, manage, and support products and services, manage relationships, and maintain accounts -Manage fraud and financial crimes -Meet legal, regulatory, or compliance requirements |
B. Personal Information Categories from Cal. Civ. Code § 1798.80I: For example, name, signature, SSN, physical characteristics or description, address, phone number, passport number, driver’s license or state ID card number, policy or account numbers, education, employment, employment history, credit or debit card numbers, or any other financial, medical or health insurance information. |
-Deliver, manage, and support products and services, manage relationships, and maintain accounts -Manage fraud and financial crimes -Meet legal, regulatory, or compliance requirements |
-Deliver, manage, and support products and services, manage relationships, and maintain accounts -Manage fraud and financial crimes -Meet legal, regulatory, or compliance requirements -Share personal information with service providers that provide various services to us |
C. Characteristics of CA or Federal Protected Classifications: For example, race, religion, national origin), age (40 and over), gender, sexual orientation, medical condition, ancestry, pregnancy (includes childbirth, breastfeeding and/or related medical conditions), familial status, disability, veteran status, or genetic information. |
N/A |
N/A |
D. Commercial Information: For example, records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. |
N/A |
N/A |
E. Biometric Information: For example, physiological, biological or behavioral characteristics, including DNA, that can be used to establish individual identity. Biometric information includes, but is not limited to, imagery of the iris, retina, fingerprint, face, hand, palm, vein patterns, and voice recordings, from which an identifier template, such as a faceprint, a minutiae template, or a voiceprint, can be extracted, and keystroke patterns or rhythms, gait patterns or rhythms, and sleep, health, or exercise data that contain identifying information. |
N/A |
N/A |
F. Internet or Other Similar Network Activity: For example, browsing history, search history, and information regarding a consumer’s interaction with an Internet Web site, application, or advertisement |
N/A |
N/A |
G. Geolocation Data: For example, information that can be used to determine a device’s physical location |
N/A |
N/A |
H. Sensory Data or Recordings: For example, audio, electronic, visual, thermal, olfactory, or similar information that can be linked or associated with a particular consumer or household |
N/A |
N/A |
I. Professional or Employment-Related Information: For example, compensation, evaluations, performance reviews, personnel files and current and past job history. |
N/A |
N/A |
J. Education Information (defined as information that is not publicly available personally identifiable information as defined in the Family Educational Rights and Privacy Act (20 U.S.C. section 1232g, 34 C.F.R. Part 99)): Education records directly related to a student maintained by an education institution or party acting on its behalf, for example, non-public information that can be used to distinguish or trace an individual’s identity in relation to an educational institution either directly or indirectly through linkages with other information. |
N/A |
N/A |
K. Profile Data: For example, inferences drawn from personal information to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. |
N/A |
N/A |
Sensitive Personal Information
Categories of Sensitive Personal Information |
Purpose for Collection |
Purpose for Disclosure |
SSN, Driver’s License, State ID Card, Passport Number |
-Deliver, manage, and support products and services, manage relationships, and maintain accounts -Manage fraud and financial crimes -Meet legal, regulatory, or compliance requirements |
-N/A |
Account Login, financial account, debit or credit card number when provided with any security or access code, password or credentials allowing access to an account |
-Deliver, manage, and support products and services, manage relationships, and maintain accounts -Manage fraud and financial crimes -Meet legal, regulatory, or compliance requirements |
-Deliver, manage, and support products and services, manage relationships, and maintain accounts -Manage fraud and financial crimes -Meet legal, regulatory, or compliance requirements -Share personal information with service providers that provide various services to us |
Precise geolocation |
N/A |
N/A |
Racial or ethnic origin, religious or philosophical beliefs, or union membership |
N/A |
N/A |
Contents of a consumer’s mail, email and text messages (unless AFCO is the intended recipient) |
N/A |
N/A |
Genetic Data |
N/A |
N/A |
Biometric information for the purpose of unique identification |
N/A |
N/A |
Health information |
N/A |
N/A |
Information concerning sex life or sexual orientation |
N/A |
N/A |
What we Sell to Third Parties or Share with Third Parties for Cross-Context Behavioral Advertising and What we Share with Third Parties for Business Purposes
We have not sold or shared with third parties for cross-context behavioral advertising personal information to third parties in the preceding 12 months as disclosed in the table below. We do share personal information for business purposes with the third parties described below.
General Personal Information
Categories sold to or shared with third parties over the last 12 months |
Categories of Third Parties to whom the information was shared for business purposes |
A. Identifiers |
- Affiliates and other entities in the AFCO family - Service Providers that provide various services to us |
B. Personal Information Categories from Cal. Civ. Code § 1798.80(e) |
- Affiliates and other entities in the AFCO family - Service Providers that provide various services to us |
C. Characteristics of CA or Federal Protected Classifications |
N/A |
D. Commercial Information |
N/A |
E. Biometric Information |
N/A |
F. Internet or Other Similar Network Activity |
N/A |
G. Geolocation Data |
N/A |
H. Sensory Data or Recordings |
N/A |
I. Professional or Employment-Related Information |
N/A |
J. Education Information |
N/A |
K. Profile Data |
N/A |
Sensitive Personal Information
Categories sold to or shared with third parties over the last 12 months |
Categories of third parties to whom the information was shared for business purposes |
Social Security Number, Driver’s License, State Identification Card, or Passport Number |
N/A |
Account log-in, financial account, debit card, or credit card number when provided with any required security or access code, password, or credentials allowing access to an account |
- Affiliates and other entities in the AFCO family - Service Providers that provide various services to us |
Precise geolocation |
N/A |
Racial or ethnic origin, religious or philosophical beliefs, or union membership |
N/A |
Contents of a consumer’s mail, email, and text messages (unless we are the intended recipient of the communication) |
N/A |
Genetic data |
N/A |
Biometric information for the purpose of unique identification |
N/A |
Health information |
N/A |
Information concerning sex life or sexual orientation |
N/A |
Notice of Right to Limit Use of Sensitive Personal Information
AFCO only collects/processes sensitive personal information for permissible purposes that do not infer characteristics about a consumer, therefore there is not an opt-out for the use of sensitive personal information.
Retention of Personal Information
AFCO has established product and business-level criteria for retention and disposal according to business requirements, laws, regulations, and applicable industry standards.
Sources of Personal Information
AFCO collects information from various sources, including:
- Directly from you or your guardians/representatives
- Service providers that support our business operations (e.g., data analytics providers)
- Our affiliates or subsidiaries
- Independent insurance agents
- Public records or publicly available data
Consumer Rights Under the CCPA
Right to Know / See Data Request
You have the right to request that AFCO disclose categories or specific pieces of information we have collected about you over the last 12 months, the categories of sources from which that information was collected, the business or commercial purpose(s) for which the information was collected, sold, or shared with third parties for cross context behavioral advertising, and the categories of third parties with whom we share personal information.
Right to Correct
You have the right to request correction of inaccurate information maintained by AFCO. In many instances, such updates are best made by logging into your online account or employee portals, emailing AFCO-Compliance@afco.com, or calling 800-288-2313, and some corrections may require specific documentation to be provided as required by law. If you provide us documentation, it will only be used or maintained for the purpose of correcting the information and complying with our recordkeeping requirements under the CCPA. AFCO also provides links and the privacy request line as described below.
Right to Delete
You have the right to request deletion of personal information that AFCO has collected, subject to certain exceptions. For example, we may deny your request if retaining the information is necessary for us to complete a transaction you requested or comply with our legal obligations.
Submitting a Verified Consumer Request
Consumers are welcome to submit right to know, correction, or deletion requests by clicking here.
Individuals are also welcome to submit requests by emailing AFCO-Compliance@afco.com or calling 800-288-2313.
All requests must be verified prior to receiving a response, using AFCO authentication protocols. Requesters will be asked to supply certain basic Personal Information to enable us to verify the request against our records, such as name, Social Security number, and address. Information submitted for verification purposes will only be used to verify the requestor’s identity and/or authority to make a request on another’s behalf.
Requests made on another person’s behalf can only be accepted upon receipt of documentation that the requestor is an authorized agent, parent, or legal guardian of the consumer whose information is being requested. This will require the submission of a valid Power of Attorney, Birth Certificate, approved AFCO authorization form, Guardianship Order, or other court order granting authority to receive information, as appropriate.
Upon submission of a request, consumers will receive an initial confirmation of receipt within 10 days. We will respond to your request within 45 days (unless an extension of up to 45 additional days is requested, upon which the consumer will receive notice and an explanation for the extension).
Non-Discrimination
The submission of any CCPA request will have no impact on the service and/or pricing you receive from AFCO. It will not result in any denial of goods or services, or different prices, rates or quality of goods or services, nor will it result in retaliation against an employee, applicant, or independent contractor.
Consumers Under 16 Years of Age
AFCO’s products and services are not intended for consumers under the age of 16, and we do not knowingly collect information from children under the age of 16 without consent. Truist does not knowingly sell the personal information of minors under the age of 16 or share such information for cross-contextual advertising.
Updates
This Notice may be revised from time to time, so please review this page periodically. Any changes will become effective when we post the revised notice on the site (please note the effective date listed at the top of this page).
Contact Us
If you have any questions or comments on this notice or our privacy practices generally, please contact us at AFCO-Compliance@afco.com or calling 800-288-2313. You can also visit AFCO Privacy for additional information.
AFCO Privacy Notice
Revised 8/22
FACTS |
WHAT DOES AFCO PREMIUM FINANCE DO |
Why? |
Financial companies choose how they share your personal information. Federal law gives consumers the right to limit some but not all sharing. Federal law also requires us to tell you how we collect, share, and protect your personal information. Please read this notice carefully to understand what we do. |
What? |
The types of personal information we collect and share depend on the product or service you have with us. This information can include:
When you are no longer our customer, we continue to share your information as described in this notice. |
How? |
All financial companies need to share customers’ personal information to run their everyday business. In the section below, we list the reasons financial companies can share their customers’ personal information; the reasons AFCO Premium Finance chooses to share; and whether you can limit this sharing. |
Reasons we can share your personal information |
Does AFCO Premium Finance share? |
Can you limit this sharing? |
For our everyday business purposes— such as to process your transactions, maintain your account(s), respond to court orders and legal investigations, or report to credit bureaus; or as permitted by law |
Yes |
No |
For our marketing purposes— to offer our products and services to you |
No |
We don’t share. |
For joint marketing with other financial companies |
No |
We don’t share. |
For our affiliates’ everyday business purposes—information about your transactions and experiences |
Yes |
No |
For our affiliates’ everyday business purposes—information about your creditworthiness |
No |
We don’t share. |
For our affiliates to market to you |
No |
We don’t share. |
For nonaffiliates to market to you |
No |
We don’t share. |
Questions? |
Call 800-288-6901 |
Who we are |
|
Who is providing this notice? |
AFCO Credit Corporation AFCO Acceptance Corp. |
What we do |
|
How does AFCO Premium Finance protect my personal information? |
To protect your personal information from unauthorized access and use, we use security measures that comply with federal law. These measures include computer safeguards and secured files and buildings. Our employees are bound by our Code of Ethics and policies to access consumer information only for legitimate business purposes and to keep information about you confidential. |
How does AFCO Premium Finance collect my personal information? |
We collect your personal information, for example, when you
We also collect your personal information from others, such as credit bureaus, affiliates, or other companies. |
Why can’t I limit all sharing? |
Federal law gives you the right to limit only
State laws and individual companies may give you additional rights to limit sharing. [See below for more on your rights under state law.] |
What happens when I limit sharing for an account I hold jointly with someone else. |
Your choices will apply to everyone on your account. |
Definitions |
|
Affiliates |
Companies related by common ownership or control. They can be financial and nonfinancial companies.
|
Nonaffiliates |
Companies not related by common ownership or control. They can be financial and nonfinancial companies.
|
Joint marketing |
A formal agreement between nonaffiliated financial companies that together market financial products or services to you.
|
Other important information |
|
You may have other privacy protections under some state laws. We will comply with applicable state laws as to information about you.
|
|