My Principal Lifestyle Privacy Policy

Last Updated: 07/23/2020

Overview

This Privacy Policy describes the privacy practices for the My Principal Lifestyle Application (the "App"). It is meant to help you understand the type of personal information we collect, how we collect and use that information, whom we may need to share the information with, and how we protect it.

Please review this Privacy Policy carefully. When you submit information to or through the App, you consent to the collection and processing of your information as described in this Privacy Policy. If you have not done so already, please also review the App's Terms and Conditions and the App's End User License Agreement. This Privacy Policy is incorporated into and made a part of the App's Terms and Conditions.

If you do not agree with any part of this Privacy Policy, the App's Terms and Conditions, or the App's End User License Agreement, then please do not download or use the App.

If you have other products or services within the Principal Financial Group (“Principal”), you are subject to the terms and conditions, privacy notices, and other policies for those products and services. Additional detail about Principal's other privacy policies and notices is available at www.principal.com/privacy-policies

The Types of Information We Collect

When you use our App, we collect the following types of information.

• Account/Identity Information

  • Some information is required to create an account on our App, such as your name, email address, password, date of birth, state of residence, and your mobile telephone number. You may also choose to provide other types of information, such as a profile photo, community username, food log, and messages on discussion boards or to your friends on the App.

• Social Media Information

  • If you choose to connect your account on our App to your account on another service, we may receive information from the other service. For example, if you connect to social media sites through our App such as Facebook, Twitter, and LinkedIn, we may receive information like your name, profile picture, age range, language, email address, posts, pictures, information about your contacts, and other personal information you have separately provided to the social media sites. Your social media site may allow you to control what information you choose to share with the App. In addition, you can stop sharing with us the information from social media sites by removing our access to those sites.

• Exercise/Activity Information

  • If you have chosen to connect another service or device (e.g., wearable fitness device, scale) to the App, we will receive the information collected by that device that you have chosen to share with us. For example, your device may collect data like the number of steps you take, your distance traveled, calories burned, weight, heart rate, sleep stages, and active minutes. The data we receive varies depending on which device you use and what you choose to share with us through the App. When your device syncs with our App, data recorded on your device is transferred from your device to our App. You can stop sharing with us the information from the services and devices by removing our access to those services or disconnecting the device.

  • You may choose to manually enter certain exercise or activity data. For example, you may choose to enter that you lifted weights for 45 minutes, or that you burned 200 calories playing basketball.

• Medical and Health Information

  • If you choose to connect to your medical portal through the App, we will be able to receive personal medical history from your medical providers.

• Other Personal Information

  • If you contact us or participate in a survey, quiz, poll, contest, promotion, discussion board or other similar activity we collect the information you submit such as your name, contact information, response, and message.

  • If you choose to share your personal story with us, and explicitly agree that it can be shared, we may share your story consistent with the consent you provide.

• Policy/Contract Information

  • The App contains self-serve capabilities whereby you can review, maintain and update certain aspects of your policy or contract you have with us. For example, you may be able to make beneficiary changes or update your name and address. If you choose to use these self-serve capabilities, we will collect the information you submit related to your policy or contract.

• Usage Information

  • When you access or use our App, we receive certain data that shows how you are interacting within the App. This includes information about when you view or search content in the App, create or log into your account, pair your device to your account, or open or interact with an application such as a social media account via the App on your device.

  • We also collect data about the devices and computers you use to access the App or our website, including IP addresses, browser type, language, operating system, mobile device information (including device and application identifiers), the referring web page, pages visited, location (depending on the permissions you have granted us), and cookie information.

How We Collect Information

We collect information from the following sources:

• You

  • We collect information that you provide or make available to us. This includes information that is made available to us because you have connected the App with other services (e.g., social media accounts) or devices (e.g., wearable fitness device).

  • We also collect information from third parties that you authorize us to collect from, such as from medical providers when you apply for an insurance product.

• App Usage

  • We collect information through your use of the App, such as the Usage Information described in the previous section.

We utilize cookies. For additional information about how we use cookies, please see the Cookie Policy section of this Privacy Policy.

How We Use Information We Collect

We use the information we collect for the following reasons:

• To provide your Principal advisor with information that can facilitate conversations you have with your advisor and to help your advisor identify products or services that might be of interest to you.

  • For example, if your interactions within the App (e.g., clicking on educational or informative content) indicate you might be interested in, or have a need for, a certain financial product or service, this information may be provided to your Principal advisor to facilitate future conversations.

  • If the information we receive from your social media sites (those sites that you have connected the App to) indicates that you have had a life event (e.g., a marriage, new job, or new child), this information may be provided to your Principal advisor to facilitate future conversations.

  • If your location data or other information collected through the App indicates that you have had a life event (e.g., a marriage, new job, or new child) or have an interest in a specific product or service, this information may be provided to your Principal advisor to facilitate future conversations.

  • If you indicate in the App that you want to contact your advisor, that request will be provided to a Principal advisor.

  • If you have a Principal advisor, the request will be sent to that individual.  If you do not have a Principal advisor, you may be contacted by an advisor within the Principal advisor network.

• To develop, provide, improve and personalize the products and services we offer, and to give each user a more consistent and personalized experience when interacting with us.

  • For example, we use the information to provide you with the services you request; understand how you and other users interact with the services; track exercise, activity, and other trends; provide customer support; troubleshoot and protect against errors; perform data analysis and testing; conduct research and surveys; and develop new features and services.

  • We may also use your information to help you find and connect with other users and to allow other users to find and connect with you on the App. For example, your account contact information allows other users to add you as a friend. When another user has your email or mobile phone number in their contact list or in their friend network on a connected service, we show that user that you are a user of the App.

• For customer service, security, to detect fraud or illegal activities, and for archival and backup purposes in connection with the provision of the App.

  • We use the information we collect to promote the safety and security of the App, our users, and other parties. For example, we may use the information to authenticate users, protect against fraud and abuse, respond to a legal request or claim, conduct audits, and enforce our terms and policies.

• To communicate with users either via email, telephone, text (SMS) messages, mail, or as otherwise authorized by you.

  • We use your information to send you notifications and inform you of new features or products we think you would be interested in. You can control marketing communications and most service-related notifications by using your notification preferences in account settings or via the 'Unsubscribe' link in an email. We also use your information to respond to you when you contact us.

• To better understand how users access and use the App, for the purposes of trying to improve the App and to respond to user preferences, including language and location customization, personalized help and instructions, or other responses to users’ usage of the App.

  • We use the information we collect to personalize the App, make inferences, and show you more relevant content. Here are some examples:

    • Information like your height, weight, gender, and age allows us to personalize your daily exercise and activity statistics like the number of calories you burned and the distance you traveled.

    • Based on your sleep data, we may make inferences about your sleeping patterns and provide you with customized insights to help you improve your sleep.

    • We may personalize exercise and activity goals for you based on the goals you previously set and your historical exercise or activity data.

• To assist us in running our business in an efficient and proper way.

  • To help us develop new products and services and improve our existing products and services.

  • To provide users with educational or informative content that may be relevant to them.

  • To provide users with advertising and direct marketing that may be more relevant to them.

  • To take the information we collect from your use of the App and combine it with information we receive from other sources, such as your interactions with www.principal.com, your interactions with your advisor, or information you provided as part of other products and services you have with us.

  • To assess the effectiveness of and improve advertising and other marketing and promotional activities.

• To enforce our Terms and Conditions of the App or other applicable policies.

• When You Agree or Direct Us to Share

  • You may direct us to disclose your information to others, such as when you use our community features like the forums and other social tools. For certain information, we provide you with privacy preferences in account settings and other tools to control how your information may be accessed by other users on the App. Remember that if you choose to participate in a challenge, information like your profile photo, points earned, total steps in the challenge, personal statistics, and achievements, is not governed by your privacy preferences and will be visible to all other challenge participants.

  • You may also authorize us to share your information with others, for example, with a third-party application when you give it access to your account. Remember that their use of your information will be governed by their privacy policies and terms. You can revoke your consent to share with third-party applications or employee wellness programs using your account settings.

• Principal Companies

  • We may share information we collect about you with other member companies within Principal.

• Service Providers

  • We may share information we collect from you with external third-party service providers, and other partners who process information for us, based on our instructions, and in compliance with this Privacy Policy and any other appropriate confidentiality and security measures. These partners provide us with a variety of services, including customer support, information technology, data analysis, research, and surveys.

• Principal Advisor

  • We may share certain information we collect from you with your Principal advisor. This information is provided to your advisor to facilitate conversations you have with your advisor and to help your advisor identify products or services that might be of interest to you.

  • For example, we may provide information to your advisor if:

    • Your interactions within the App (e.g., clicking on educational or informative content) indicate you might be interested in, or have a need for, a certain financial product or service.

    • The information we receive from your social media sites (those sites that you have connected the App to) indicates that you have had a life event (e.g., a marriage, new job, or new child).

    • The information we collect through the App indicates that you have had a life event (e.g., a marriage, new job, or new child) or have an interest in a specific product or service.

  • If you indicate in the App that you want to contact your advisor, that request will be provided to a Principal advisor. If you have a Principal advisor, the request will be sent to that individual. If you do not have a Principal advisor, you will be contacted by an advisor within the Principal advisor network.

• Regulatory/Legal Bodies

  • We may share information to regulators, law enforcement authorities, or other governmental bodies comply with a law, regulation, legal process, or governmental request; to assert legal rights or defend against legal claims; or to prevent, detect, or investigate illegal activity, fraud, abuse, violations of our terms, or threats to the security of the App or the physical safety of any person.

• Successor Company

  • We may share information with a third party acquiring all, or a portion of, our business. The information shared will remain subject to this Policy and the privacy preferences you have expressed to us.

Cookie Policy

Cookies are small text files sent to your web browser and stored on your hard drive by a website. Cookies allow your web browser to "remember" specific bits of information about your visits to our site.

Cookies allow you to access secured information, conduct secured transactions, and take advantage of promotional opportunities. They are designed to help you have a better user experience within our website, and we use the information to improve our site content and site functionality. Cookies allow our site to remember your device, remember who you are, and help us to be more efficient. For example, we can learn about what content is important to you, and we can revise or remove web pages that are not of interest.

Types of cookies we use

We primarily use two types of cookies:

1. Session cookies. These are temporary and expire when you leave our website or are inactive for a specified length of time. Session cookies allow the website to recognize you as you navigate between pages during a single browser session and allow you to use the website most efficiently.

2. Persistent cookies. These store your preferences for a site, are stored on your computer, and are read by your browser each time you visit the website. They therefore enable the website to “recognize” you on your return, remember your preferences, and tailor services to you.

Our site uses both “session” and “persistent” cookies. Session cookies are temporary and expire when you leave our website or are inactive for a specified length of time. Persistent cookies store your preferences for a site and are read by your browser each time you visit the website.

Our site uses both first-party cookies, which are cookies set by us, and third-party cookies, which are cookies set by other companies to assist our advertising and marketing efforts.

The cookies used by our site fall into the following four categories:

1. Strictly necessary cookies. These cookies are necessary for our website to function and can’t be switched off in our systems. They’re set for you behind the scenes when you do things such as log in, fill out forms, make a request for services, or set your privacy preferences. You can set your browser to block or alert you about these cookies, but some parts of our site won’t work without them.

2. Functional cookies. These cookies enable our website to work smoothly and in a manner personalized to you. They may be set by us or by third-party providers whose services we’ve added to our pages. For example:  downloading a customer service form using PDF. If these cookies are blocked, then some or all of these services may not function.

3. Performance cookies. These cookies allow us to count how many times people visit our website, and how they get here, so we can measure and improve its performance. They show us which pages are the most (and least) popular, and how visitors move around on the site when they’re here. If these cookies are blocked, we have less information about how to improve our sites that will be useful to you.

4. Marketing Cookies. These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant advertisements on other sites. If these cookies are blocked, you will experience less targeted advertising.

Managing your cookie preferences

At this time, Principal does not respond to do-not-track signals or similar technologies sent by a browser setting. Most web browsers allow you to change your browser settings to limit or block certain cookies. Doing so, however, may limit your access to certain sections of our website or otherwise compromise the functionality of the site.

How We Protect Your Information

We work hard to keep your data safe. We use a combination of technical, administrative, and physical controls to maintain the security of your data. We have comprehensive security practices and procedures in place to protect data entrusted to us. Additional detail about how Principal protects your data is available online at https://www.principal.com/privacy-policies under "Important Information". No method of transmitting or storing data is completely secure, however. If you have a security-related concern, please contact our Privacy Officer at P.O. Box 14582, Des Moines, IA 50306-3582 or at [email protected]

How You Can Access and Manage Your App Account

We provide you with account settings and tools to access and manage the personal information associated with your App account. We store information associated with your App account until your App account is deleted. You can request that we delete the information contained within the App account at any time by contacting Customer Support at [email protected] (please note, this only deletes the App account and information stored within the App; it does not delete any underlying contract or policy information you may have with us). It may take up to thirty (30) days to delete your App account information, and we may need to preserve it for legal reasons or to prevent harm, including as described in the “How Information Is Shared and Disclosed” section.

You can also manage certain information about your principal.com account by accessing "My Profile" at www.principal.com.

Additional Information for California Consumers

This section supplements the information contained within this My Principal Lifestyle Privacy Policy and provides additional information to California consumers as required by the California Consumer Privacy Act of 2018 (the “CCPA”).

• Notice of Collection

This Privacy Policy explains the types of information we collect, how we collect information, how we use information we collect, and whom we share information with.

The CCPA requires that we provide you with additional information about each category of information that we collect. As previously discussed, the nature of your relationship with us and how you choose to interact with us will determine the specific information we collect, and how/why that information is collected, used and shared.

• Scope of the CCPA

The CCPA does not apply to certain types of personal information. For example, the CCPA does not apply to certain information already protected by other laws. This includes health and medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) or the California Confidentiality of Medical Information Act (CMIA). It also includes information collected, processed or disclosed pursuant to federal privacy law (Gramm-Leach-Bliley and its implementing regulations) or pursuant to California state law (California Financial Information Privacy Act).

Principal complies with the protections and rights provided for in the above federal and state laws.

In addition, under the CCPA, personal information does not include publicly available information from government records or personal information that has been properly de-identified or aggregated.

• No Sale of Personal Information

The CCPA contains provisions and requirements for businesses that sell personal information.

Principal does not sell your personal information.

• Your Rights Under the CCPA

The CCPA provides California consumers with certain rights regarding their personal information. This section describes your rights under the CCPA and provides information about how to exercise those rights.

Right to Know

This Policy, including the Notice of Collection section, explains how we collect, use and share information. In addition, you have the right to request that we disclose what personal information we collect, use, disclose, and sell (Principal does not sell your personal information) about you.

Additional information is contained in the How to Submit a Request section.

Right to Request Deletion

You have the right to request that we delete personal information we have collected or maintain about you. Please note, the CCPA recognizes that businesses may not be able to fulfill a deletion request if there is a business need to maintain the information. If we are unable to fulfill a deletion request, we will tell you why in our response.

Additional information is contained in the How to Submit a Request section.

Right to Opt-Out of the Sale of Personal Information

You have the right to opt-out of the sale of your personal information. However, no opt-out is required because Principal does not sell your personal information.

Right to Non-Discrimination for Exercising Your CCPA Rights

You have the right not to receive discriminatory treatment for exercising your rights under the CCPA.

Principal complies with the non-discrimination provisions of the CCPA and other applicable laws.

How to Submit a Request

You can exercise your Right to Know and/or Right to Request Deletion by clicking here.

You can also contact us at 1-800-986-3343. Please inform our customer service representative that you wish to submit a “Right to Know” and/or a “Right to Request Deletion” request.

The protection of your personal information is important to us. In order to respond to your request, we will need to verify your identity. As part of the initial request process, we will ask you for certain information about you. This information helps us identify who is making the request and helps us determine that the person making the request is really whom they say they are. The information you provide us during the verification process will only be used to review and respond to your request.

We may not be able to verify your identity based solely on the information you provide during the initial request process. If we are unable to verify your identity, we will follow-up with you and request additional information that only you should know. For example, if you have an existing product or service, we may ask information specific to that product or service. Or we may ask you to provide documentation that allows us to verify your identity. If we are unable to verify your identity, we may not be able to respond to your request. For example, if you are requesting specific pieces of information that we maintain about you, but we are unable to verify your identity, we may not be able to provide you with the specific pieces of information, but may still be able to provide you with the categories of information that we maintain about you.

Pursuant to the CCPA, you can only submit a Right to Know request twice within a twelve-month period. The CCPA also allows businesses to establish specific ways in which requests must be submitted, such as through our online form and toll-free telephone number. In addition, the CCPA’s Right to Know requests only cover information that has been collected or shared within the preceding twelve months. If we are unable to fulfill a request, we will tell you why in our response.

An authorized agent may submit a request on your behalf. Under the CCPA, an authorized agent is a person or business entity registered with the Secretary of State that you have authorized to act on your behalf. We may still require that you verify your identity with us directly and submit proof that the agent has been authorized to act on your behalf.

Our Response to Your Right to Know and Right to Request Deletion Requests

We will confirm receipt of your request within 10 days and provide information about how we will process the request. This confirmation will include additional information, as applicable, regarding the verification process. The CCPA allows for a response within 45 days of receiving your request. If we need additional time to respond, the CCPA allows for an additional 45 days. We will contact you if we need the additional time and explain why.

Our response will contain additional information specific to your request. This could include, for example, reasons why we were unable to fulfill the request.

We do not normally charge a fee to process or respond to your request. The CCPA does permit us to charge a fee, however, if the request is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

Contact for More Information:

If you have any questions about our privacy policies and practices, or about the CCPA, please contact us at: [email protected] or Privacy Officer, P.O. Box 14582, Des Moines, IA 50306-3582.

Other Important Information

Children’s privacy online

The App is not directed toward or intended for use by children. Users under the age of 18, or the equivalent minimum age in the relevant jurisdiction, are not permitted to create accounts and use the App. Parents who believe that their child has submitted personal information to us and would like to have it deleted may contact us at [email protected]

Effective Date and Changes to this Policy

The Effective Date of this Privacy Policy is set forth at the top of this page. Whenever possible, we will notify you before we make material changes to this policy and give you an opportunity to review the revised policy before deciding if you would like to continue to use the App. We will not make retroactive changes that reduce your privacy rights unless we are legally required to do so. Your continued use of the App after the Effective Date constitutes your acceptance of the amended Privacy Policy. The amended Privacy Policy supersedes all previous versions.

For your convenience, whenever this Policy is changed, we will update the Last Updated Date at the top of this policy. Be sure you check the Last Updated Date to see if this Policy has been revised since your last visit. We recommend that visitors to our site review our digital privacy policies from time to time to learn of new privacy practices and changes to our policies.

How to Contact Us

If you have questions about this Privacy Policy, or about how we collect and use your personal information, please contact us at [email protected] or at:

Privacy Officer
P.O. Box 14582
Des Moines, IA 50306-3582