Collecting Information—Why? What? How?
Your notice says federal law gives consumers the right to limit some but not all sharing.
Reasons we can share
To limit sharing and direct marketing contact
Online Privacy Questions
Why do you send me a new privacy notice every year?
Annual notification is required under the U.S. federal Privacy Law, also known as the Gramm-Leach-Bliley Act. We will provide you our privacy notice each year, as long as you maintain a relationship with us.
What are other ways you share under the law?
Under the Gramm-Leach-Bliley Act, we are permitted to share with third parties, without regard to the customer choices, in connection with situations where we are required to disclose information, such as responding to subpoenas or tax reporting, and for typical business activities, such as sharing to identify or prevent fraud, to resolve customer disputes and enforce our rights, in connection with sale of all or part of a business or with consent.
What information is covered by your privacy notices and why do you collect information about me?
Our privacy notices apply to consumer personal information, which means personally identifiable information about a consumer or a consumer's current or former relationship with Bank of America that is not publicly available. We collect and use various types of personal information for our everyday business purposes, such as to process transactions, service and maintain accounts, comply with laws and regulations and better respond to your needs.
Personal information does not include aggregated or de-identified data that the Bank may create or compile from various sources, including accounts and transactions. This information, which does not identify individual customers, is used by the Bank for its business purposes, which may include offering products or services, research, marketing or analyzing market trends, and other purposes consistent with applicable laws.
What types of information do you collect?
We collect various types of information to service your accounts and better respond to your needs. Information we collect includes:
When would you collect medical information about me?
We occasionally receive medical or health information from a customer if, for example, a customer applies for insurance from us. We do not share medical or health information, including information received from third parties, among our companies, except to maintain or collect on accounts, process transactions, service a customer request, perform insurance functions or as required by law.
How do I know the information you have on file about me is accurate?
Keeping your account information accurate and up to date is very important. You have access to your account information through various means, such as account statements, telephone banking, online banking and in response to specific requests. If your account information is incomplete, inaccurate or not current, please call or write to us at the telephone number or address listed on your account statement, bank records or other documentation. We will promptly update or correct any erroneous information. Please contact us if you have questions or feel that we have not handled information about you properly.
How does the bank share information about me?
Bank of America shares information among the Bank of America family of companies (affiliates). Sharing information among the Bank of America family of companies can save you time and money. For example, customers who have certain accounts may qualify for a credit card with lower interest rate and no annual fee.
We may share credit card and Sponsored Account information with affinity partners and selected third parties in order to offer a greater range of financial products that may be tied to organizations of interest to you, such as an alumni organization, sports team or charity.
Affinity partners and selected third parties, as well as all companies that act on our behalf, are contractually obligated to keep the unique information we provide to them confidential and to use this information only as permitted by us.
We also share information to detect and prevent fraud, such as unauthorized transactions, and to manage our business and risk.
What outside companies work on the bank's behalf?
We share information with companies that may work for us to support the products and services we offer. These companies may include check-printing vendors or companies that help us mail account statements.
In addition, when you open an account or apply for a credit card, loan or line of credit, we may use various credit bureaus as part of the process for approving your application. We may also use outside companies to help us with fraud investigations.
Because these companies act on our behalf, they are obligated to keep information we provide them secured and confidential and use the information only to provide the services we've asked them to perform.
Does Bank of America share customer information with third parties who may want to offer me their products and services?
Bank of America may share some information about credit card accounts and Sponsored non-credit card Accounts with selected third parties. Bank of America offers tailored credit card and Sponsored Account products through affinity partners, such as colleges, sport teams and professional groups. Sharing of certain credit card and Sponsored Account information enables the bank to offer these products and services.
Back to Top
How can I determine if an account is a Sponsored Account?
Sponsored Accounts are any non-credit card accounts or services provided by the bank (such as CDs or checking accounts) that are co-branded with other organizations, such as colleges or sporting teams. Customers will know if an account is sponsored by the co-branding on account materials, such as statements. If you are unable to determine if your account is a Sponsored Account or have any questions about Sponsored Accounts or our Privacy Notice, please call us at 1.888.341.5000.
I am a credit card or Sponsored Account customer. What choices do I have when it comes to sharing with third parties?
You may request we not share information about your accounts with third parties who may want to offer you their products and services. Set your choices
Why do I have to request you not share information with third parties for each credit card or Sponsored Account?
This gives you the flexibility to select certain accounts for sharing even if you request we not share information for other accounts. For example, a customer with multiple accounts that are eligible for sharing may want to share more information with an alumni association or professional membership organization than with a sports team.
If I am a credit card or Sponsored Account customer, how do I benefit from information shared with third parties?
Through our extended relationships with affinity groups, credit card holders and Sponsored Account customers may receive discounts on products, access to limited edition merchandise or unique access to events sponsored by our affinity partners, e.g. sports teams, colleges and professional groups.
Does this notice apply to affiliate marketing?
No, Bank of America has a separate affiliate marketing notice, given to customers at account opening.
What are my choices about information sharing?
You have choices when it comes to sharing certain information with affiliates and third parties and limiting direct marketing contact. Bank of America offers several easy ways you can inform us of your privacy choices:
How long does it take to honor my direct marketing choices?
We will work to note your request promptly, but your request may take up to twelve weeks to be fully effective for mail campaigns. Because promotions from our affiliates or Affinity Partners are developed weeks and months in advance, you may sometimes receive solicitations if the promotion has already been implemented.
If you elect not to receive direct marketing offers by postal mail, telephone and/or e-mail, please note that we may continue to contact you as necessary to service your account, which may include being contacted by your assigned account representative (for example, Financial Advisor or relationship manager), if applicable, and for other nonmarketing purposes. Bank of America may also continue to provide marketing information in your regular account mailings and statements, including online and ATM communications.
What is the five-year opt out language?
When you opt out of direct marketing by mail or telephone, your opt out(s) will last for five years, subject to applicable law. After that, you can choose to renew your opt out(s) for another five-year period.
Does this five-year expiration apply also to opt outs from third party or affiliate sharing?
No, this applies only to the direct marketing opt out for mail or phone contacts.
How will I know when my Bank of America Do Not Call or Do Not Mail choice expires?
If you have informed us prior to January 1, 2007 of your choice not to receive marketing solicitations by phone or mail, we will provide notification prior to the expiration of a choice along with information on how to renew a choice. If you informed us after January 1, 2007, your telephone and postal mail opt-out choices will last for five years, subject to applicable law.
How do I get on your "do not mail," "do not phone" or "do not email" list?
To tell us your choices:
Can a business opt out of direct marketing?
No, direct marketing choices, with the exception of e-mail, apply to individuals, not businesses.
What will Bank of America try to sell me over the phone?
To minimize the amount of telephone solicitation our customers receive, we do not offer nonfinancial products and services through telephone solicitations.
The Online Privacy Notice has been updated; have your privacy practices changed?
No, we have not changed our privacy practices. Bank of America strives to be an industry leader in transparency in terms of online data collection and use and we review our notice at least annually to ensure it continues to align with our practices and provides clear and current information on how we use information collected from or about you. The updated notice reflects the results of this periodic review.
Can I choose not to accept cookies?
Yes. But, if you choose not to accept cookies from our Sites, then you may not be able to access and use all or part of the Site or benefit from the information and services offered. You also may not receive advertising or other offers from us that may be relevant to your individual interests and needs.
Do you use Flash objects?
Yes, Flash objects are used as part of our solutions for online authentication to help us recognize you and your device when you come back to our Site. We also use Flash objects to determine your browser type and version of Adobe® Flash® in order for you to view our demos and tutorials with moving content.
Can I delete Flash objects?
Yes. But, if you choose to delete Flash objects from our Sites, then you may not be able to access and use all or part of the Site or benefit from the information and services offered.
What is Relationship Based Advertising?
Customized content and advertisements provided to you on our Sites based on your relationship with us.
What is Online Behavioral Advertising?
Analysis of consumers' online activities over time including the searches the consumer has conducted, the pages visited, and the content viewed, in order to deliver advertising customized to meet the individual consumer's interests.
Why does Bank of America use Relationship Based and Online Behavioral Advertising?
We strive to provide you with information about products and services that are of particular interest to you. Relationship Based and Online Behavioral Advertising helps us to customize your online experience.
Can I opt-out of Relationship Based and Online Behavioral Advertising on your Sites?
Yes, if you prefer not to receive customized content and advertisements on our Sites, you may opt-out. Please note that if you opt out of either relationship based or online behavioral advertising on our Sites, you may still receive generic online advertising from Bank of America. When you access account servicing areas (i.e. after sign-in), such as Online Banking and MyMerrill, you may see customized content and advertising based on your account relationships. Opting out means that the content and advertising you receive on our non-servicing sites (i.e. before sign-in) will be generic and will not be based on your relationship, preferences or behavior. Remember that your browser must be set to accept cookies in order for these opt-outs to work.
Can I opt out of Online Behavioral Advertising on other sites?
You may also opt-out of receiving behavioral ads from many websites through the Network Advertising Initiative's Opt-Out Tool or other tools provided by the publishing platform.
Please note that if you opt-out, you may still receive generic online advertising from Bank of America. Opting out from a specific third-party website means that the ads you receive will not be based on your preferences or behavior. Remember that your browser must be set to accept cookies in order for these opt-outs to work.
Will opting out of Relationship Based and Online Behavioral Advertising stop all Bank of America ads?
No, opting out means the content and advertising you receive from us on our non-servicing sites (i.e. before sign-in) and on third party websites will be generic and will not be based on your relationship, preferences or behavior.
Does the Consumer Privacy Notice apply to all transactions and other activities I perform while I'm banking online at Bank of America?
Yes. The Consumer Privacy Notice protects you when you are online at any Bank of America website. Your online activities are also covered by the Online Privacy Notice, which explains how we may collect information from you online when you visit a Bank of America site. The Online Privacy Notice also explains how we manage the privacy and security of your personal and account information online. To learn more, we encourage you to read our Online Privacy Notice.
Do you ever make changes to your Online Privacy Notice?
We may occasionally make changes or update our Online Privacy Notice. When we do make changes or updates, we will also update the effective date of the policy. The effective date is indicated at the top of the policy.
What is Rapport from Trusteer?
Rapport is a security application that provides online protection against malware attacks. Online Banking customers can use Rapport to protect web browsers while using any website containing financial or personal information. Rapport helps keep your computer safe from keyloggers, session hijacking, screen capturing and more.
Why do I need Rapport?
The anti-virus or security software you are probably running is important but may not be enough. Bank of America recommends you use additional protection for safe Online Banking.
Conventional solutions, such as anti-virus and anti-spyware software, personal firewalls and anti-phishing toolbars, all rely on known techniques. These solutions are becoming less effective at stopping new, sophisticated criminal activity. Rapport helps detect what conventional desktop security solutions can miss. It works with your antivirus software for an extra layer of protection.
How does Rapport work?
Rapport is entirely transparent. It doesn't require any change to the way you work online or sign in to our site. It does not require any configuration or maintenance. You simply download and install it, then browse with additional security. You'll know it's working by the Rapport icon displayed in your browser's address bar.
How much does Rapport cost?
Rapport is free from Bank of America as part of our commitment to security. We cover the costs associated with the development, maintenance and support of Rapport.
Who do I contact for support?
For help using Rapport, you can contact Trusteer Support. Trusteer operates a 24-hour customer center to help with any questions or issues you may have through live chat and email.
How do I know the information you have on file about me is safe and secure?
We value the trust of our customers, and we understand that handling their financial information with care is one of our most important responsibilities. Only those who need to know a customer's financial information – because they provide the accounts and services the customer might need – are authorized to have access to it.
Bank of America operates under a detailed, rigorous information security policy and program designed to protect the security and confidentiality of our customer's information. Bank of America Board of Directors has approved this policy and program, and we keep the board informed on the overall status of our information security program. The information security program is subject also to ongoing regulatory oversight and examination.
Additionally, we have a strict code of ethics for all associates that requires confidential treatment of customer information. All associates with access to customer information must complete information protection training annually. Bank of America also maintains physical, electronic and procedural safeguards to protect against unauthorized access to customer information.
How can I trust that the people who work at Bank of America will keep information about me private?
Keeping customer's financial information secure is one of our most important responsibilities. We value your trust and handle information about you with care. Our associates are bound by a code of ethics requiring confidential treatment of customer information and are subject to disciplinary action if they fail to follow this code. All associates receive awareness training annually regarding their responsibilities for protecting the privacy and confidentiality of customer information entrusted to them.
I know Bank of America uses other companies to serve some of its customers and shares information with certain third parties. How can I be assured that my information is kept safe and secure in such arrangements?
Bank of America is committed to providing customers with the best financial products and services available. In order to do that, we sometimes use other companies to assist in providing high-quality, efficient and cost-effective service, as well as using affinity partners to offer a greater range of financial products that may be tied to organizations of interest to you. We take great care in choosing our suppliers and Affinity Partners.
Bank of America operates under detailed, rigorous information security policies and programs that go well beyond the requirements of regulatory guidance. A vital element of our information security program requires oversight of third-party suppliers, which applies to international as well as domestic companies. Contracts with our suppliers who have access to our customer's information require them to substantiate that they meet the strict requirements of our information security program and only use the information for restricted purposes.
What is email fraud?
There are many types of email fraud. A recent and increasingly common type of email fraud involves the use of phony emails that ask you to provide sensitive personal, financial or account information. You may be asked to supply the information in a return email, in a separate form attached to the email or by visiting a phony website using a link contained in the email message. The people attempting to get this information may use it to access your accounts directly, including withdrawing money, or to open new accounts in your name using your information. Learn more about email and online fraud.
How do I recognize email fraud?
Recognizing email fraud may not be easy. The criminals who use email and online fraud to get your personal, financial or account information are adopting increasingly sophisticated techniques for duping consumers. You should approach unsolicited email containing urgent appeals for security or personal information with great caution. You should always confirm the validity of email messages that appear to come from trusted sources. Bank of America will never ask you provide your Social Security Number, ATM or Debit Card PIN or any other sensitive information in response to an email. If you receive an email from Bank of America and you're not sure if it's real, don't click on any links in the email. Type www.bankofamerica.com into your browsers address bar, and look for your SiteKey when you sign in to Online Banking. See an example of a fraudulent email. Learn more about email and online fraud.
How do I report a suspicious email?
To report a suspicious Bank of America email, you can forward it to email@example.com New mail message. Get more information about reporting a suspicious email.
What can I do to protect my personal information?
Some tips for protecting your personal information:
More tips on how to protect yourself
Then we can provide you with relevant answers.Get started