Skip to Main Content

Privacy Choices for Your Personal Financial Information

Privacy Choices for Your Personal Financial Information

What Can You Stop--and What Can’t You Stop?
Your Right to Opt Out
Privacy Notices You May Receive
What to Do When You Receive Your Notices
Where Else to Turn for Help
Appendix: Laws Affecting Your Personal Financial Privacy

You’ve probably been receiving privacy notices from banks and other financial companies. These notices explain:

  • What personal financial information the company collects
  • Whether the company intends to share your personal financial information with other companies
  • What you can do, if the company intends to share your personal financial information, to limit some of that sharing
  • How the company protects your personal financial information.

Companies that May Send Privacy Notices

Companies involved in financial activities must send their customers privacy notices, including:

  • Banks, savings and loans, and credit unions
  • Insurance companies
  • Securities and commodities brokerage firms
  • Retailers that directly issue their own credit cards (such as department stores or gas stations)
  • Mortgage brokers
  • Automobile dealerships that extend or arrange financing or leasing
  • Check cashers and payday lenders
  • Financial advisors and credit counseling services
  • Sellers of money orders or travelers checks.

Financial companies share information for many reasons: to offer you more services, to introduce new products, and to profit from the information they have about you. If you like to know about other products and services, you may want your financial company to share your personal financial information; in this case, you don’t need to respond to the privacy notice. If you prefer to limit the promotions you receive or do not want marketers and others to have your personal financial information, you must take some important steps.

First, it is important to read these privacy notices. They explain how the company handles and shares your personal financial information. Keep in mind that not all privacy notices are the same. This guide tells you about the other steps you can take to help protect the privacy of your personal financial information.

What Can You Stop--and What Can’t You Stop?

Federal privacy laws give you the right to stop (opt out of) some sharing of your personal financial information. These laws balance your right to privacy with financial companies’ need to provide information for normal business purposes. (For more information on these laws, see the appendix.) You have the right to opt out of some information sharing with companies that are:
  • Part of the same corporate group as your financial company (or affiliates)
  • Not part of the same corporate group as your financial company (or non-affiliates).
But you cannot opt out and completely stop the flow of all your personal financial information. The law permits your financial companies to share certain information about you without giving you the right to opt out. Among other things, your financial company can provide to non-affiliates:
  • Information about you to firms that help promote and market the company’s own products or products offered under a joint agreement between two financial companies
  • Records of your transactions--such as your loan payments, credit card or debit card purchases, and checking and savings account statements--to firms that provide data processing and mailing services for your company
  • Information about you in response to a court order
  • Your payment history on loans and credit cards to credit bureaus.

What Opting Out Means

If you opt out, you limit the extent to which the company can provide your personal financial information to non-affiliates.

If you do not opt out within a "reasonable period of time"--generally about 30 days after the company mails the notice-- then the company is free to share certain personal financial information.

If you didn’t opt out the first time you received a privacy notice from a financial company, it’s not too late. You can always change your mind and opt out of certain information sharing. Contact your financial company and ask for instructions on how to opt out.

Remember, however, that any personal financial information that was shared before you opted out cannot be retrieved.

Your Right to Opt Out

A privacy notice contains information about the company’s data collection and information sharing policies. If a financial company does not plan to share your information except as permitted by law, the notice will tell you this; in this case, you don’t have a right to opt out.

Non-affiliates.

If you have the right to opt out (that is, if the company plans to share your information), the privacy notice will include instructions on how to opt out of sharing some information. Unless you opt out, your financial company can provide your personal financial information (for example, information on the kinds of stores you shop at, how much you borrow, your account balances, or the dollar value of your assets) to non-affiliates for marketing and other purposes.

Affiliates.

The privacy notice may also give you the right to opt out of certain information sharing with affiliates. For example, if a company intends to provide an affiliate with personal information from your credit report or loan application, you will usually first be given a chance to opt out. Companies, however, can share information about you with affiliates when the information is based solely on your transactions with that company (transaction information includes whether you pay your bills on time, the type of accounts you have with the company, and so forth). Read your notices carefully to see if this type of opt out applies.

Credit bureaus may also sell information about you to lenders and insurers who use the information to decide whether to send you unsolicited offers of credit or insurance. This is known as prescreening. You can opt out of receiving these prescreened offers by calling 1-888-567-8688.

If you want to opt out of information sharing, you must follow the directions provided by your financial company. For example, you may have to call a toll-free number or fill out a form and return the form to the company.

In some cases, your financial company may give you the choice to opt out of different types of sharing. For example, you could opt out of certain categories of information the company provides to other companies but allow the company to share other kinds of information.

Privacy Notices You May Receive

Initial Privacy Notice.

You will usually receive a privacy notice when you open an account or become a customer of a financial company. If you open an account over the phone, however, and you agree, the company may send you a notice at a later time.

Annual Privacy Notices.

Each financial company you have an ongoing relationship with--for example, the bank where you have a checking account, your credit card company, or a company that services your loan--must give you a notice of its privacy policy annually.

Notice of Changes in Privacy Policies.

If a company changes its privacy policy, it will either send you a revised privacy notice or tell you about the changes in the company’s next annual notice.

A privacy notice may be included as an insert with your monthly statement or bill, or it may be sent to you in a separate mailing. If you agree to electronic delivery from an on-line financial company, the notice may be sent to you by e-mail or it may be made available to you on the company’s web site.

If you have more than one account with the same company, the company may send you only one privacy notice for all of your accounts or it may send you separate notices for each of your accounts.

If you have a joint account with another person (for example, a joint checking account or a mortgage loan), the financial company may send a notice to one of you or to each person listed on the account. If the company provides an opportunity to opt out, it must let one of the account holders opt out for all joint account holders.

What to Do When You Receive Your Notices

  • Read all privacy notices.
  • Get answers to your questions from your financial company.
  • If applicable, decide whether you want to opt out.
  • If you want to opt out, follow the instructions in the notice--and, if necessary, shop around for a financial institution with the privacy policy you want.

Where Else to Turn for Help

If you have questions or concerns about a company’s privacy policy, first contact that company directly. If you still have questions about your privacy rights in dealing with a financial company, you can contact the federal or state agency that oversees that type of company:

Board of Governors of the Federal Reserve System

Regulates state-chartered banks that are members of the Federal Reserve System, bank holding companies, and branches of foreign banks

Division of Consumer and Community Affairs, Stop 801
20th and C Streets, NW
Washington, DC 20551
202-452-3693
www.federalreserve.gov

Commodity Futures Trading Commission

Regulates commodity brokers, commodity trading advisors, commodity pools, and introducing brokers

Privacy Officer, Office of Chief Counsel
Division of Trading and Markets
Three Lafayette Center
1155 21st Street, NW
Washington, DC 20581
202-418-5430
www.cftc.gov

Federal Deposit Insurance Corporation

Regulates state-chartered banks that are not members of the Federal Reserve System

Division of Compliance and Consumer Affairs
550 17th Street, NW
Washington, DC 20429
877-ASK-FDIC or 877-275-3342 toll-free
www.fdic.gov

Federal Trade Commission

Regulates any financial company not covered by the other federal regulators such as mortgage brokers, tax and investment services, finance companies, credit bureaus, nonbank lenders, auto dealers, leasing companies, appraisers, real estate settlement services, credit counseling services, and collection agency services

Consumer Response Center
600 Pennsylvania Avenue, NW
Washington, DC 20580
877-FTC-HELP or 877-382-4357 toll-free
www.ftc.gov
also see www.consumer.gov/idtheft/

National Credit Union Administration

Regulates federally chartered credit unions

Office of Public and Congressional Affairs
1775 Duke Street
Alexandria, VA 22314-3428
703-518-6330
www.ncua.gov

Office of the Comptroller of the Currency

Regulates national banks, District of Columbia banks, federal branches and federal agencies of foreign banks, and subsidiaries of such entities. These typically include banks with "national" or "N.A." in their names.

Customer Assistance Group
1301 McKinney Street
Suite 3710
Houston, TX 77010
800-613-6743 toll-free
www.occ.treas.gov

Office of Thrift Supervision

Regulates federal savings and loan associations and federal savings banks

Consumer Programs
1700 G Street, NW
Washington, DC 20552
800-842-6929 toll-free
www.ots.treas.gov

Securities and Exchange Commission

Regulates brokerage firms, mutual fund companies, and investment advisors

Office of Investor Education and Advocacy
450 5th Street, NW
Washington, DC 20549-0213
202-772-9295 fax
www.sec.gov/complaint.shtml

Appendix
More Information About the Laws
Affecting Your Personal Financial Privacy

Two federal laws cover different aspects of how companies can share your financial information, as described in this guide: the Fair Credit Reporting Act and the Gramm-Leach-Bliley Act.

The Fair Credit Reporting Act protects the privacy of certain information distributed by consumer reporting agencies (CRAs). Most CRAs are credit bureaus that gather and provide information about you, such as if you pay your bills on time or have filed for bankruptcy, to creditors and other businesses. Under the law, credit bureaus and other CRAs can release your information only to those third parties that have certified that they have a purpose permitted by the law to obtain your consumer report, such as to evaluate your application for credit, insurance, or employment, or to rent you an apartment.

When a financial company obtains your credit report from a credit bureau, it may want to share that information with an affiliate, meaning a company that owns your financial company, that your financial company owns, or that is part of the same parent organization or corporate family. Under the Fair Credit Reporting Act, however, if the financial company plans to share certain information--for example, from your credit report or your credit application--with its affiliates, it will usually first notify you and give you an opportunity to opt out. This notice is likely to be included in the privacy notice you receive from the financial company under the Gramm-Leach-Bliley Act.

The Gramm-Leach-Bliley Act requires financial companies to tell you about their policies regarding the privacy of your personal financial information. With some exceptions, the law limits the ability of financial companies to share your personal financial information with certain non-affiliates. A non-affiliate is a company that is unrelated to your financial company, and may include:

  • Service providers--companies hired by your financial company to perform a specific service, such as printing your checks
  • Joint marketers--companies that have an agreement with your financial company to offer you other financial products or services
  • Other third-party non-affiliate--which could include companies that may want access to your financial company’s mailing list to tell you about other products and services.
Under the Gramm-Leach-Bliley Act, your financial company can provide your personal financial information to non-affiliated service providers including joint marketers. But before it shares your information with other third-party non-affiliates (outside of these exceptions), your financial company must tell you about its information sharing practices and give you the opportunity to opt out.

Image of a folded bookletPDF file for printing booklet (78 KB PDF)
You can use this PDF file to print 8½ x 11 inch pages that can be copied back-to-back, folded and made into a 5½ x 8½ inch booklet; staples along the spine will help keep pages together. You can also download this file and take it directly to a printer who is able to print from PDF format files.