We have implemented security measures designed to secure your Personal Data from accidental loss and from unauthorized access, use, alteration, and disclosure. All payment transactions are performed by our third-party payment processor, who must comply with appropriate industry standards to protect your payment information.
Unfortunately, the transmission of information via the Internet is not completely secure. Although we take security measures to protect your Personal Data, including providing training and communication programs designed to educate employees about the meaning and requirements of our data security and confidentiality measures, we cannot guarantee the security of your Personal Data transmitted to our Websites or by telephone to our representatives. Any transmission of Personal Data is at your own risk. We are not responsible for the circumvention of any security measures contained on the Websites.
Our Websites may contain links to third-party Websites or services that are not owned or controlled by us. Please be aware that we are not responsible for the privacy practices of such other Websites or services. The privacy practices of these third parties, including details on the information they may collect about you, are subject to the privacy policies of these parties, which we suggest you review.
We may change this Privacy Notice at any time. It is our policy to post any changes we make to our Privacy Notice on this page. If we make material changes to how we treat our users’ Personal Data, we will notify you by email to the email address specified in your account, through a notice on our Websites’ home page, or using a similar method. The date this Privacy Notice was last revised is identified at the top of the page. You are responsible for periodically visiting our Websites and reviewing this Privacy Notice to check for any changes.
If you have any questions, concerns, complaints or suggestions regarding our Privacy Notice or our privacy practices, have any requests related to your Personal Data pursuant to applicable laws, or otherwise need to contact us, you may contact us at the contact information below or through the
“Contact Us” page on our Websites.
EFG Companies
122 West Carpenter Frwy.
Sixth Floor
Irving, TX 75039
1-800-527-1984
legaldepartment@efgusa.com
EFG Privacy Addendum for California Residents
Effective Date: January 1, 2020
Last Reviewed: June 1, 2025
This
Privacy Addendum for California Residents (“
California Privacy Addendum”) supplements the information contained in the
EFG Privacy Notice to which this California Privacy Addendum is attached and applies solely to visitors, users, customers and others who reside in the State of California (“
consumers,” “
you,” or “
your”). We adopt this notice to comply with the California Consumer Privacy Act of 2018 as revised by the California Privacy Rights Act of 2020, and all implementing regulations (together “
CCPA”) and any terms defined in the CCPA have the same meaning when used in this California Privacy Addendum.
Personal Information that is regulated under the CCPA may represent a limited portion of Personal Data as described in the EFG Privacy Notice; therefore, this California Privacy Addendum applies solely to consumers’ Personal Information, as defined below.
This California Privacy Addendum does not apply to employment-related Personal Information collected from our California-based employees, job applicants, contractors, or similar individuals (“Personnel”). Please contact your local human resources department if you are part of our California Personnel and would like additional information about how we process your Personal Information.
- Information We Collect
We collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device (“
Personal Information”). The type of Personal Information we collect may vary depending on your relationship with us. For this reason, we may collect, and over the prior 12 months have collected, the following categories of Personal Information from consumers:
- Identifiers, such as name, contact information (e.g., residential and/or billing address, email address, telephone number(s)), IP address, government-issued identification numbers (e.g., Social Security, driver’s license, and passport numbers), account name, unique personal, online, or contractual identifiers, and other similar identifiers.
- Personal information as defined in the California Customer Records law, such as name, signature, contact information, government-issued identification numbers, loan number, insurance policy numbers and other health insurance information, payment card data and other financial account information, as well as information regarding your education, employment (current and former), and health.
- Protected classification characteristics under California or federal law, such as age, marital status, gender, medical condition, and physical or mental disability.
- Commercial information, such as records of personal property, information relating to your auto, home warranty or other claims, insurance coverage, or purchase and claims history.
- Internet or other electronic network activity information, such as information regarding a consumer’s interaction with our Websites.
- Sensory data, such as audio or call recordings, created in connection with our business activities.
Personal Information does not include: (i) publicly available information from government records; (ii) deidentified or aggregated consumer information; (iii) information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act, Gramm-Leach-Bliley Act or California Financial Information Privacy Act, and the Driver’s Privacy Protection Act of 1994; (iv) medical information governed by the California Confidentiality of Medical Information Act or protected health information collected by a covered entity or business associate governed by the Health Insurance Portability and Accountability Act of 1996; and (v) other information as set forth in the CCPA.
- Sources of Personal Information
We collect your Personal Information from the of sources described in the
Information We Collect About You and How We Collect It section of our Privacy Notice.
- Use of Personal Information
We only use your Personal Information for the purposes described in our
Privacy Notice and for the purposes outlined in this California Privacy Addendum. EFG will not collect additional categories of Personal Information or use the Personal Information we collected for additional purposes without providing you with notice.
- Sharing Personal Information
Disclosures of Personal Information for a Business Purpose We may disclose your Personal Information to third parties for one or more business purposes. When we disclose Personal Information to non-affiliated third parties for a business purpose, we enter a contract that describes the purpose, requires the recipient to both keep that Personal Information confidential and not use it for any purpose except for the specific business purposes for which the Personal Information was disclosed, and requires the recipient to otherwise comply with the requirements of the CCPA.
In the preceding twelve (12) months, we have disclosed the following categories of Personal Information for one or more of the business purposes below to the following categories of third parties:
Category of Personal Information |
Categories of Third-Party Recipients |
Identifiers |
- Our affiliates
- Business partners
- Service providers we use to support our business, (e.g., IT and infrastructure support service providers, payment processors, etc.)
|
Personal Information in the California Customer Records law (Cal. Civ. Code § 1798.80(e)) |
- Our affiliates
- Business partners
- Service providers we use to support our business, (e.g., IT and infrastructure support service providers, payment processors, etc.)
|
Protected classification characteristics under California or federal law |
- Our affiliates
- Business partners
- Service providers
|
Commercial information |
- Our affiliates
- Business partners
- Service providers we use to support our business
|
Internet or other similar network activity |
- Our affiliates
- Business partners
- Service providers we use to support our business
- Internet cookie information recipients, for analytics services
|
Sensory data |
- Our affiliates
- Business partners
- Service providers
|
We disclose your Personal Information to the categories of third parties listed above for the following business purposes:
- Helping to ensure the security and integrity of our products, services, and IT infrastructure to the extent that the use of the Personal Information is reasonably necessary and proportionate for these purposes.
- Debugging to identify and repair errors that impair existing intended functionality.
- Performing services on our behalf, including maintaining or servicing accounts, providing IT and infrastructure support services, providing analytic services, providing storage, or providing similar services on our behalf.
- Undertaking internal research for technological development and demonstration.
In addition to the above, we may disclose any or all categories of Personal Information (i) at your direction or upon your request, including to administer claims or otherwise provide the status of a contract, or (ii) to another third party (including government entities and/or law enforcement entities) as described in the Disclosures of Your Information section of our Privacy Notice.
Sales or Sharing of Personal Information:
“Sale” of Your Personal Information for Monetary or Other Valuable Consideration
As noted in our Privacy Notice, we do not sell Personal Information as the term “sell” is commonly understood to require an exchange for money. However, the use of analytics cookies on our Websites is considered a “sale” of Personal Information as the term “sale” is broadly defined in the CCPA to include both monetary and other valuable consideration. Using this broad definition, our “sale” is limited to our use of third-party analytics cookies and certain embedded third-party content, such as YouTube videos, and their use in providing behavioral advertising and analytics related to how people use and interact with our Websites. Our “sales” of your Personal Information in this manner is subject to your right to opt-out of those sales (see Your Choices Regarding our “Sale” or “Sharing” of your Personal Information). The CCPA prohibits third parties who purchase the Personal Information we hold from reselling it unless you have received explicit notice and an opportunity to opt-out of further sales.
We have no actual knowledge of “selling” any Personal Information of consumers under the age of sixteen (16) for monetary or other valuable consideration.
“Sharing” of Your Personal Information for Cross-Context Behavioral Advertising
We may “share” your Personal Information for the purpose of cross-context behavioral advertising, subject to your right to opt-out of that sharing (see Your Choices Regarding our “Sale” or “Sharing” of your Personal Information). Our “sharing” for the purpose of cross-context behavioral advertising would be limited to our use of third-party advertising cookies and certain embedded third-party content, such as YouTube videos, and their use in providing you cross-context behavioral advertising (i.e., advertising on other websites or in other mediums). When the recipients of your Personal Information disclosed for the purpose of cross-context behavioral advertising are also permitted to use your Personal Information to provide advertising to others, we also consider this disclosure as a “sale” for monetary or other valuable consideration under the CCPA.
We have no actual knowledge of “sharing” any Personal Information of consumers under the age of sixteen (16) for such purposes.
- Your Rights and Choices
The CCPA provides California consumers with specific rights regarding their Personal Information. This section describes your CCPA rights and explains how to exercise those rights. You may exercise these rights yourself or through your Authorized Agent. For more information on how you or your Authorized Agent can exercise your rights, please see
Exercising Access, Data Portability, and Deletion Rights.
Right to Know Request. You have the right to request that EFG disclose certain information to you about our collection and use of your Personal Information over the past 12 months. This includes: (a) the categories of Personal Information we have collected about you; (b) the categories of sources from which that Personal Information came from; (c) our purposes for collecting this Personal Information; (d) the categories of third parties with whom we have shared your Personal Information; and (e) if we have “sold” or “shared” or disclosed your Personal Information, a list of categories of third parties to whom we “sold” or “shared” your Personal Information, and a separate list of the categories of third parties to whom we disclosed your Personal Information to. You must specifically describe if you are making a Right to Know request or a Data Portability Request. If you would like to make both a Right to Know Consumer Request and a Data Portability Consumer Request, you must make both requests clear in your request. If it is not reasonably clear from your request, we will only process your request as a Right to Know request. You may make a Right to Know or a Data Portability Consumer Request a total of two (2) times within a 12-month period at no charge.
Access to Specific Information (Data Portability Rights). You have the right to request that EFG disclose certain information to you about our collection, use, disclosure, and sale of your Personal Information over the past 12 months. Once we receive and confirm your verifiable consumer request (see
Exercising Access, Data Portability and Deletion Rights), we will disclose to you:
- The categories of Personal Information we collected about you.
- The categories of sources from which the Personal Information was collected.
- Our business or commercial purpose for collecting or selling that Personal Information.
- The categories of third parties with whom we share that Personal Information.
- If we sold or disclosed your Personal Information for a business purpose, two separate lists identifying: (i) the categories of Personal Information disclosed, and the categories of third parties to whom the Personal Information was disclosed, and (ii) the categories of Personal Information sold, and the categories of third parties to whom the Personal Information was sold.
- The specific pieces of Personal Information we collected about you.
If you make a request for the specific pieces of Personal Information electronically, we will, to the extent permitted by law, provide you with a copy of your Personal Information in a format we select that is readily useable and allows you to transmit the Personal Information to another person or entity.
Correction Request. You have the right to request that we correct any incorrect Personal Information about you to ensure that it is complete, accurate, and as current as possible. You may review and correct some Personal Information about yourself as described below under
Exercising Access, Data Portability and Deletion Rights.In some cases, we may require you to provide reasonable documentation to show that the Personal Information we have about you is incorrect and what the correct Personal Information may be. We may also not be able to accommodate your request if we believe it would violate any law or legal requirement or cause the information to be incorrect or if the Personal Information is subject to another exception under the CCPA.
Deletion Request Rights. You have the right to request that EFG delete any of your Personal Information that we have collected from you and maintained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request (see
Exercising Access, Data Portability, and Deletion Rights), we will delete (and direct our service providers to delete) your Personal Information from our records, unless an exception applies, pursuant to the CCPA. Some exceptions to your right to delete include, but are not limited to, if we are required to retain your Personal Information to complete the transaction or provide you the goods and services for which we collected the Personal Information or otherwise perform under our contract with you, to detect security incidents or protect against other malicious activities, and to comply with legal obligations. We may also retain your Personal Information for other internal and lawful uses that are compatible with the context in which we collected it.
Limiting Our Uses and Disclosures of Sensitive Personal Information. You have the right to request that we limit our use and disclosure of your Sensitive Personal Information to only those purposes specifically enumerated in the CCPA. Currently, we do not use or disclose your Sensitive Personal Information for purposes other than those expressly permitted by the CCPA. Should this change in the future, we will update this California Privacy Addendum and provide you with methods to limit the use and disclosure of Sensitive Personal Information.
Non-Discrimination. We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not do any of the following as a result of you exercising your CCPA rights: (i) deny you goods or services; (ii) charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties; (iii) provide you with a different level or quality of goods or services; or (iv) suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
Exercising Access, Data Portability, and Deletion Rights
To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us by either:
- Calling us at 1-800-527-1984
- Emailing us at legaldepartment@efgusa.com
Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf (an “Authorized Agent”), may make a verifiable consumer request related to your Personal Information. You may also make a verifiable consumer request on behalf of your minor child. We are not obligated to provide information to you in response to your verifiable consumer request for access or portability more than twice in a 12-month period. The verifiable consumer request must:
- Provide sufficient information that allows us to reasonably verify you are the person about whom we collected Personal Information or an Authorized Agent. This may include:
- Verifying Personal Information that we may already have about you, such as your full name plus the following information: (i) residential or billing address; (ii) telephone number; (iii) email address; and/or (iv) contract number.
- Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
To protect the privacy and security of your Personal Information, we may request additional information from you to help us verify your identity and process your request. This information may include your driver’s license or other government-issued identification number. We may also contact you to ask you for further information in relation to your request to speed up our response. You may also be asked to complete and provide a signed declaration under penalty of perjury that you are the consumer who is the subject of the request in certain circumstances.
We are unable to fulfill your request or provide you with Personal Information if we cannot verify your identity or authority to make the request and confirm the Personal Information relates to you. With few exceptions, we will only review and fulfill a request from your Authorized Agent if (i) you grant the Authorized Agent written permission to make a request on your behalf, (ii) you or the Authorized Agent provides us notice of that written permission, and (iii) we are able to verify your identity in connection with that notice and the request. We will only use Personal Information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
Response Timing and Format
We endeavor to respond to a verifiable consumer request within 45 days of its receipt. If we require more time (up to 45 additional days), we will inform you of the reason and extension period in writing. We will deliver our written response by mail or electronically, at your option.
Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your Personal Information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
- Your Choices Regarding our “Sale” or “Sharing” of Your Personal Information
“Sale” of Your Personal Information
If you are 16 years of age or older, you have the right to direct us to not sell your Personal Information for monetary or other valuable consideration at any time (the “right to opt-out”). We do not sell the Personal Information of Consumers we actually know are less than 16 years of age, unless we receive affirmative authorization (the “right to opt-in”) from either the Consumer who is between 13 and 16 years of age, or the parent or guardian of a Consumer less than 13 years of age. Consumers who opt-in to Personal Information sales may opt-out of future sales at any time.
“Sharing” of Your Personal Information
If you are 16 years of age or older, you have the right to direct us to not share your Personal Information for the purposes of cross-context behavioral advertising, which is showing advertising on other websites or other media based on your browsing history with our Websites (the “right to opt-out”). We do not share the Personal Information of Consumers we actually know are less than 16 years of age for this purpose, unless we receive affirmative authorization from either the Consumer who is between 13 and 16 years of age, or the parent or guardian of a Consumer less than 13 years of age. Consumers who opt-in to our sharing of Personal Information for these purposes may opt-out of future such sharing at any time.
How You May Opt-Out of Our Sale or Sharing of Your Personal Information
To exercise the right to opt-out of the “sale” of your Personal Information for monetary or other valuable consideration and of “sharing” your Personal Information for the purposes of cross-context behavioral advertising, you (or your authorized representative) may submit a request to us via the Contact information below, by adjust your cookie preferences via the “Consent Preferences” button at the bottom of any page of our Websites, by Clicking the Do Not Sell or Share My Personal Information link below, by configuring your browser to send us a privacy signal as described in more detail below, or by setting your browser to refuse all or some browser cookies. However, if you do not consent to our use of cookies or select this setting you may be unable to access certain parts of our Websites or other websites. You can find more information about cookies at https://www.allaboutcookies.org.
Do Not Sell or Share My Personal Information
Once you make an opt-out request, we will wait at least twelve (12) months before asking you to reauthorize Personal Information sales. You do not need to create an account with us to exercise your opt-out rights. However, you may change your mind and opt back into the “sale” and “sharing” of Personal Information at any time by clicking the “Consent Presents” at the bottom of any page of our Websites.
Browser Privacy Control Signals
You may also exercise your right to opt-out of the “sale” of your Personal Information for monetary or other valuable consideration and “sharing” your Personal Information for the purposes of cross-context behavioral advertising by setting the privacy control signal on your browser, if your browser supports it. We currently recognize and support the Global Privacy Control signal (for more information on how to configure your browser to send this signal, please see
https://globalprivacycontrol.org/).
When we receive one of these privacy control signals, we will opt you out of any further “sale” or “sharing” of your Personal Information when you interact with our Websites through that browser and on that device.
We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:
- Personal Information Retention Periods
We will keep your Personal Information for no longer than is necessary for the purpose(s) it was provided for. Further details of the periods for which we retain Personal Information are available on request. However, we may retain any or all categories of Personal Information when your information is subject to one of the following exceptions:
- When stored in our backup and disaster recovery systems. Your Personal Information will be deleted when the backup media your Personal Information is stored on expires or when our disaster recovery systems are updated.
- When necessary for us to exercise or defend legal claims.
- When necessary to comply with a legal obligation.
- When necessary to help ensure the security and integrity of our Websites.
- Changes to Our California Privacy Addendum
We reserve the right to amend this California Privacy Addendum as described in our Privacy Notice. When we make changes to this California Privacy Addendum, we will inform you of such updates as described in our Privacy Notice and update the addendum’s effective date.
Your continued use of our Websites following the posting of changes constitutes your acceptance of such changes.
- Contact Information
If you have any questions or comments about this California Privacy Addendum, the ways in which EFG collects and uses your information described above and in the Privacy Notice, your choices and rights regarding such use, or wish to exercise your rights under California law, please do not hesitate to contact us at:
Phone: 1-800-527-1984
Phone:Email: legaldepartment@efgusa.com
Postal Address:
EFG Companies
122 West Carpenter Frwy.
Sixth Floor
Irving, TX 75039
1-800-527-1984
EFG Privacy Addendum for Nevada Residents
Effective Date: January 1, 2020
Last Reviewed: June 1, 2025
This
Privacy Addendum for Nevada Residents (“
Nevada Privacy Addendum”)supplements the information contained in the EFG Privacy Notice to which this Nevada Privacy Addendum is attached and applies solely to all visitors, users, and others who reside in the State of Nevada(“
consumers,” “
you,” or “
your”). We adopt this Nevada Privacy Addendum to comply with Nevada’s Online Privacy Law (“
OPL”).
Nevada provides its residents with a limited right to opt-out of certain covered information sales under the OPL. However, EFG does not currently sell information triggering the OPL’s opt-out requirements.