My Principal Lifestyle Privacy Policy 

Last Updated: 01/01/2020 


This Privacy Policy describes the privacy practices for the My Principal Lifestyle Application (the "App"). It is meant to help you understand the type of personal information we collect, how we collect and use that information, whom we may need to share the information with, and how we protect it. 

Please review this Privacy Policy carefully. When you submit information to or through the App, you consent to the collection and processing of your information as described in this Privacy Policy. If you have not done so already, please also review the App's Terms and Conditions and the App's End User License Agreement. This Privacy Policy is incorporated into and made a part of the App's Terms and Conditions. 

If you do not agree with any part of this Privacy Policy, the App's Terms and Conditions, or the App's End User License Agreement, then please do not download or use the App. 

If you have other products or services within the Principal Financial Group (“Principal”), you are subject to the terms and conditions, privacy notices, and other policies for those products and services. Additional detail about Principal's other privacy policies and notices is available at 

The Types of Information We Collect 

When you use our App, we collect the following types of information. 

How We Collect Information 

We collect information from the following sources: 

We utilize cookies.  For additional information about how we use cookies, and how you can control what information is collected, please see the Cookie Policy section of this Privacy Policy. 

How We Use Information We Collect 

We use the information we collect for the following reasons: 

Cookie Policy 

About cookies and how we use cookies 

Cookies are used to store information on your computer and are a way to have your web browser "remember" specific bits of information about your previous visits to our site. They allow you to access secured information, conduct secured transactions, and take advantage of promotional opportunities. They are designed to help you have a better user experience within our website, and we use the information to improve our site content and site functionality. For example, we use Google Analytics to help understand how users interact with our website and on the App.   

Different websites store the information in cookies differently. Cookies allow us to identify your device, which in combination with other information we are collecting, may allow us to identify you personally. Any such information is stored in our protected systems and not in the cookie or on the Internet. 

Cookies save you time as they help us to remember who you are, and they help us to be more efficient. We can learn about what content is important to you and what is not.  We can revise or remove content that is not of interest and focus our energies on content you want. 

Types of cookies we use 

We use two types of cookies: 

1. Session cookies. These are temporary and expire when you leave our website or are inactive for a specified length of time. Session cookies allow the website to recognize you as you navigate between pages during a single browser session and allow you to use the website most efficiently.  

2. Persistent cookies. These store your preferences for a site, are stored on your computer, and are read by your browser each time you visit the website. They therefore enable the website to “recognize” you on your return, remember your preferences, and tailor services to you. 

About spotlight tags 

Spotlight tags analyze behavior of users who have previously clicked or viewed one of our digital advertisements. Spotlight tags only collect anonymous, non-personally identifiable information, and at no time do spotlight tags record user name, password, email address, or Internet Protocol (IP) addresses. 

Spotlight activities are reported only if they are created by a user who meets the following three criteria: 

1. Clicks one of our ads and is redirected to our website, or views one of our ads and accesses our website later. 

2. Performs an activity on a page containing a spotlight tag. 

3. Performs this activity within 30 days of clicking and/or viewing one of our ads. 

Internet applications and do-not-track signals 

During some visits to our website we may collect Usage Information. This information includes page response times, download errors, what time you visited our website, how long you were on our website, if you've been to the website before, what web pages you visited, page interaction such as scrolling, clicks, and mouse overs, what type of browser you used to access our website and methods to browse away from the page. This information helps us identify ways to modify and improve our websites. Examples of information we collect and analyze include the Internet Protocol (IP) address or other unique identifier for the device you use to access the Internet, login email address, computer and connection information such as browser type, version, and time zone setting, browser plug-in types and versions and operating systems. Principal considers the information collected through our website valuable. At this time, Principal does not respond to do-not-track signals or similar technologies sent by a browser setting. However, visitors will continue to have the ability to control cookie settings for Principal’s websites.  

How you can control what data is collected through cookies 

The information we collect may depend on your web browser settings. Most browsers (Chrome, Safari, Firefox, Internet Explorer, etc.) automatically accept cookies, but you can usually alter the setting of your browser to prevent that; however, doing so may limit your access to certain sections of our website, including account information found behind the login.

If you do not wish to receive cookies, please refer to the help section of your browser to learn how to either block all cookies or receive a warning before a cookie is stored on your computer.  In addition to altering the cookie settings on your browser, you can also install the Google Analytics Opt-out Add-on, which prevents Google Analytics from collecting information about your website visits. 

How We Protect Your Information 

We work hard to keep your data safe. We use a combination of technical, administrative, and physical controls to maintain the security of your data. We have comprehensive security practices and procedures in place to protect data entrusted to us. Additional detail about how Principal protects your data is available online at under "Important Information". No method of transmitting or storing data is completely secure, however. If you have a security-related concern, please contact our Privacy Officer at P.O. Box 14582, Des Moines, IA 50306-3582 or at 

How You Can Access and Manage Your App Account 

We provide you with account settings and tools to access and manage the personal information associated with your App account. We store information associated with your App account until your App account is deleted. You can request that we delete the information contained within the App account at any time by contacting Customer Support at (please note, this only deletes the App account and information stored within the App; it does not delete any underlying contract or policy information you may have with us). It may take up to thirty (30) days to delete your App account information, and we may need to preserve it for legal reasons or to prevent harm, including as described in the “How Information Is Shared and Disclosed” section.

You can also manage certain information about your account by accessing "My Profile" at 

Additional Information for California Consumers 

This section supplements the information contained within this My Principal Lifestyle Privacy Policy and provides additional information to California consumers as required by the California Consumer Privacy Act of 2018 (the “CCPA”). 

This Privacy Policy explains the types of information we collect, how we collect information, how we use information we collect, and whom we share information with.

The CCPA requires that we provide you with additional information about each category of information that we collect.  As previously discussed, the nature of your relationship with us and how you choose to interact with us will determine the specific information we collect, and how/why that information is collected, used and shared.   

The CCPA does not apply to certain types of personal information.  For example, the CCPA does not apply to certain information already protected by other laws.  This includes health and medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) or the California Confidentiality of Medical Information Act (CMIA).  It also includes information collected, processed or disclosed pursuant to federal privacy law (Gramm-Leach-Bliley and its implementing regulations) or pursuant to California state law (California Financial Information Privacy Act).   

Principal complies with the protections and rights provided for in the above federal and state laws.   

In addition, under the CCPA, personal information does not include publicly available information from government records or personal information that has been properly de-identified or aggregated.   

The CCPA contains provisions and requirements for businesses that sell personal information. 

Principal does not sell your personal information.   

The CCPA provides California consumers with certain rights regarding their personal information. This section describes your rights under the CCPA and provides information about how to exercise those rights.

Right to Know

This Policy, including the Notice of Collection section, explains how we collect, use and share information.  In addition, you have the right to request that we disclose what personal information we collect, use, disclose, and sell (Principal does not sell your personal information) about you.   

Additional information is contained in the How to Submit a Request section.   

Right to Request Deletion 

You have the right to request that we delete personal information we have collected or maintain about you.  Please note, the CCPA recognizes that businesses may not be able to fulfill a deletion request if there is a business need to maintain the information.  If we are unable to fulfill a deletion request, we will tell you why in our response. 

Additional information is contained in the How to Submit a Request section.   

Right to Opt-Out of the Sale of Personal Information 

You have the right to opt-out of the sale of your personal information.  However, no opt-out is required because Principal does not sell your personal information. 

Right to Non-Discrimination for Exercising Your CCPA Rights 

You have the right not to receive discriminatory treatment for exercising your rights under the CCPA.   

Principal complies with the non-discrimination provisions of the CCPA and other applicable laws.  

How to Submit a Request 

You can exercise your Right to Know and/or Right to Request Deletion by clicking here. 

You can also contact us at 1-800-986-3343.  Please inform our customer service representative that you wish to submit a “Right to Know” and/or a “Right to Request Deletion” request. 

The protection of your personal information is important to us.  In order to respond to your request, we will need to verify your identity. As part of the initial request process, we will ask you for certain information about you. This information helps us identify who is making the request and helps us determine that the person making the request is really whom they say they are.  The information you provide us during the verification process will only be used to review and respond to your request.   

We may not be able to verify your identity based solely on the information you provide during the initial request process.  If we are unable to verify your identity, we will follow-up with you and request additional information that only you should know.  For example, if you have an existing product or service, we may ask information specific to that product or service. Or we may ask you to provide documentation that allows us to verify your identity.  If we are unable to verify your identity, we may not be able to respond to your request. For example, if you are requesting specific pieces of information that we maintain about you, but we are unable to verify your identity, we may not be able to provide you with the specific pieces of information, but may still be able to provide you with the categories of information that we maintain about you.   

Pursuant to the CCPA, you can only submit a Right to Know request twice within a twelve-month period.  The CCPA also allows businesses to establish specific ways in which requests must be submitted, such as through our online form and toll-free telephone number.  In addition, the CCPA’s Right to Know requests only cover information that has been collected or shared within the preceding twelve months. If we are unable to fulfill a request, we will tell you why in our response. 

An authorized agent may submit a request on your behalf. Under the CCPA, an authorized agent is a person or business entity registered with the Secretary of State that you have authorized to act on your behalf. We may still require that you verify your identity with us directly and submit proof that the agent has been authorized to act on your behalf.   

Our Response to Your Right to Know and Right to Request Deletion Requests 

We will confirm receipt of your request within 10 days and provide information about how we will process the request.  This confirmation will include additional information, as applicable, regarding the verification process. The CCPA allows for a response within 45 days of receiving your request.  If we need additional time to respond, the CCPA allows for an additional 45 days. We will contact you if we need the additional time and explain why.   

Our response will contain additional information specific to your request.  This could include, for example, reasons why we were unable to fulfill the request.    

We do not normally charge a fee to process or respond to your request.  The CCPA does permit us to charge a fee, however, if the request is excessive, repetitive, or manifestly unfounded.  If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request. 

Contact for More Information: 

If you have any questions about our privacy policies and practices, or about the CCPA, please contact us at: or Privacy Officer, P.O. Box 14582, Des Moines, IA 50306-3582. 

Other Important Information 

Children’s privacy online 

The App is not directed toward or intended for use by children. Users under the age of 18, or the equivalent minimum age in the relevant jurisdiction, are not permitted to create accounts and use the App. Parents who believe that their child has submitted personal information to us and would like to have it deleted may contact us at 

Effective Date and Changes to this Policy 

The Effective Date of this Privacy Policy is set forth at the top of this page. Whenever possible, we will notify you before we make material changes to this policy and give you an opportunity to review the revised policy before deciding if you would like to continue to use the App. We will not make retroactive changes that reduce your privacy rights unless we are legally required to do so. Your continued use of the App after the Effective Date constitutes your acceptance of the amended Privacy Policy. The amended Privacy Policy supersedes all previous versions.  

For your convenience, whenever this Policy is changed, we will update the Last Updated Date at the top of this policy. Be sure you check the Last Updated Date to see if this Policy has been revised since your last visit. We recommend that visitors to our site review our digital privacy policies from time to time to learn of new privacy practices and changes to our policies. 

How to Contact Us

If you have questions about this Privacy Policy, or about how we collect and use your personal information, please contact us at or at: 

Privacy Officer

P.O. Box 14582

Des Moines, IA 50306-3582