Back to top

Our customers

Global Code of Business Conduct

We're a winning team for our customers, our communities and each other

We're a collection of individuals who come together as one team, leveraging our unique identities to help our customers achieve their hopes and dreams. This means we do the right thing — always.

We never compromise Our Values, even when we take on the toughest competitors. We work hard and play fair, engaging in the marketplace with the integrity, respect and accountability that our customers, communities and stakeholders have come to expect from us.

Selling and marketing with integrity

We empower customers with protection to help them achieve their hopes and dreams.

We anticipate our customers' expectations and exceed them at low cost.

We provide affordable, simple and connected protection solutions and are there for our customers when they need us most.

We always represent our solutions honestly. Honoring Our Value of Integrity in this way earns customer loyalty, enhances our reputation and strengthens our ability to grow and thrive in a competitive global marketplace. Selling and marketing with integrity means we comply with all laws and regulations in all markets where we do business.

Competing fairly

We deliver superior performance on the strength of our products and people.

Markets depend on free and fair competition to operate properly and offer consumers choices. We rely on our original ideas, speed and conviction to beat the competition fairly and win customers. We follow fair competition and antitrust laws wherever we do business. Our Value of Integrity demands it.

Competition, or antitrust, laws are complex and vary by location. Even the appearance of an improper agreement can be a big problem. If you suspect you're at risk of violating these laws, contact your manager, legal department or Human Resources.

Gathering competitive intelligence fairly

We learn about competitors in ways that are transparent, legal and ethical.

We need to obtain information about our competition to make strategic business decisions. However, our integrity compels us to treat our competitors fairly and honorably. That's how we do business, no matter how high the stakes. We never resort to unethical means to compete.

Safeguarding our assets and information

We treat Company assets with care and respect.

Our assets help us protect customers and earn attractive returns in the marketplace. Each asset, from our property, technology systems and investments to our information and reputation, represents our shared hard work.

Safeguarding our assets and information means we:

  • Prevent loss, damage, theft, waste and misuse of all Company assets.
  • Use Company assets for business purposes only.
  • Use personal information only for business purposes and manage it responsibly in accordance with applicable cyber security, data, privacy laws and Company policy.
  • Never remove, sell, lend, borrow, transfer or dispose of assets without authorization.

Using information and communications systems responsibly

We protect our communications equipment and systems, treating them with care and professionalism.

Using information systems responsibly means we never use Company systems or devices for activities that are illegal or that violate our policies and values. We must protect our hardware, software, sensitive information, and electronic data against loss, theft, damage, unauthorized access, and cyber threats. We should never store Company information on personal systems or equipment.

Immediately report any suspected security breach to Allstate Information Security by emailing or any suspected privacy incident to Enterprise Business Conduct by emailing or your affiliate cybersecurity team.

Integrity insights

"Assets" can refer to many things, including:

  • Information assets, such as any data related to our business.
  • Financial assets, such as money or anything that can be converted into money.
  • Physical assets provided to employees to conduct business, such as phones, computers, workspaces and vehicles.
  • Intangible assets, such as our reputation, ideas and intellectual property (copyrights, trademarks, patents, trade secrets, etc.).

To report the mistreatment of Company assets, use the Speak Up Process. Additional information may be found under Resources.

Working Virtually
Our focus on customers affects everything we do. When working at home, we take extra precautions to maintain that focus. Allstate provides several remote access solutions, such as a VPN and two-factor login authentication to make it possible for users to securely access systems and information when working remotely. For additional information, see your local guidelines for working from home securely.

Preventing insider trading

We never use or disclose material, nonpublic information about Allstate or another company improperly.

Preventing insider trading means we protect material, nonpublic information from unauthorized disclosure about Allstate, its subsidiaries or any other company. Material, nonpublic information does not have to be significant alone or on its face but may also be routine business information that a reasonable investor could nonetheless use to extrapolate data or trends important to an investment decision.

Insider trading cheats shareholders, distorts markets and erodes the trust of those we serve. It's a serious violation that can carry significant penalties.

Protecting confidential and restricted information

We handle our information assets with care, especially our confidential and restricted information. We all have a responsibility to protect our information and information entrusted to us by our business partners.

Protecting confidential and restricted information means we:

  • Identify and properly classify confidential and restricted information.
  • Take appropriate security measures when storing or sharing such information.
  • Share it only on a need-to-know basis for a legitimate business reason, even with coworkers, unless otherwise required by law.
  • Never discuss confidential or restricted information in public.
  • Only use it for Company purposes; never for the personal gain of yourself or others.
  • Properly destroy or return all copies of confidential and restricted information when leaving the Company.
  • Unless necessary, avoid printing material containing restricted information and avoid requesting or accepting confidential or restricted information (after which it should be destroyed, according to the defined retention schedule).
  • Immediately report any suspected security breach to Allstate Information Security by emailing or any suspected privacy incident to Enterprise Business Conduct by emailing or your local cybersecurity team.

Integrity insights

We classify data based on how carefully we need to protect it. The two most protected classes of data are confidential and restricted. How we handle these types of data is a critical part of our focus on customers. Personal information, discussed below, can be either confidential or restricted.

Examples of restricted data:

  • Social Security Number or Social Insurance Number.
  • Full date of birth.
  • Driver's license or government ID number.
  • Credit card, debit card or primary account number.
  • Financial bank account number.
  • Protected health information.
  • Pre-release financial performance information.

Examples of confidential data:

  • Address.
  • Partial date of birth.
  • Policy number.
  • User login/ID (not including password).
  • Email address.
  • Service-level agreements.

Protecting personal data

We protect personal information (PI) against loss or unauthorized access, use, modification, destruction or disclosure.

Because of our global operations and presence in both insurance and non-insurance segments, we are entrusted with the PI of millions of people. We respect and protect PI not just because the law requires it, but also because it's the right thing to do and it supports our strategic vision and Our Shared Purpose. We know that failure to protect PI could impact people's lives, and we take steps to prevent PI loss and the harm that could result from it.

Respecting and protecting PI means we:

  • Comply with all relevant Company policies and applicable cybersecurity, data and privacy laws.
  • Embed privacy principles into the design of our products, services, technologies and business practices.
  • Evaluate the ethical impacts of the collection, use and sharing of PI, beyond compliance with laws and policies.
  • Consider using the Pl anonymization framework to reduce privacy risk.
  • Collect PI only when it is necessary for the business purposes that we've disclosed in our privacy statements.
  • Take steps to maintain the accuracy and completeness of the PI we use.
  • Protect PI against loss or unauthorized access, use, modification or destruction.
  • Are transparent and clear about our privacy practices.
  • Provide individuals with simple ways to:
  • Learn about PI we have about them.
  • Correct inaccuracies.
  • When possible, provide individuals with choices about how their PI is used and shared.

Integrity insights

PI is any information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, to an individual. Examples include, but are not limited to, an individual's:

  • Social Security Number or Social Insurance Number.
  • Bank account number.
  • Date of birth.
  • Geolocation data collected from a cell phone.
  • Online activity such as browsing or search history.
ECC Monitor: OK