State Farm Privacy Policy

This document is State Farm's Notice of Privacy Policy, governing the collection, use, and sharing of 'customer information' (defined as all nonpublic personally identifiable information) across the State Farm family of companies, with stated compliance obligations under federal and state insurance privacy laws. The policy states that State Farm does not sell customer information and does not permit third parties acting on its behalf to use customer information for their own marketing, while the terms authorize sharing of customer information within the State Farm family of companies, with agents, consumer reporting agencies, marketing partners, and parties involved in business transfers, for purposes including underwriting, claims processing, fraud prevention, and offering additional products and services. A notable provision authorizes State Farm to develop anonymized or de-identified data from customer information and share it with third-party service providers or unaffiliated entities for analysis and commercial purposes, which is operationally distinct in that de-identification standards and downstream use controls are not specified in the document text itself. The policy engages the Gramm-Leach-Bliley Act (GLBA) and state insurance privacy regulations as its primary legal framework, with additional state-specific disclosures for California (CCPA), Nevada (do-not-call), Vermont (intra-family sharing restrictions), Washington, Illinois, and New York; the GLBA opt-out mechanism for intra-family sharing is present but the policy notes material limitations on the scope of that opt-out. Tracking technologies, precise location data collection via Drive Safe and Save and the State Farm mobile application, and the stated non-support for browser 'do not track' signals create additional compliance surface area under state privacy laws and FTC guidance.