Bank of America U.S. Online Privacy Notice
Last updated January 1, 2014
This U.S. Online Privacy Notice (Notice) applies to this Bank of America online interface (i.e., website or mobile application) and any Bank of America U.S. affiliate or subsidiary online interface that links to this Notice, (each, a Site, and, collectively, Sites). The term "Bank of America" or "we" or "us" or "our" in this Notice refers to banking and non-banking U.S. affiliates or subsidiaries of Bank of America Corporation that link to this Notice. This Notice describes how Sites may collect, use and share information from or about you and explains how information may be collected and used based on online interactions with our advertisements that appear on the Sites and third party websites.
Bank of America provides other online interfaces not covered by this Notice. If you visit or access your accounts from one of these sites, please review the online privacy practices of that site to understand how your online information may be collected, used and shared.
For U.S. account holders and visitors to this Site, we will use and share any information that we collect from or about you in accordance with the Bank of America U.S. Consumer Privacy Notice, which provides choices in the use and sharing of information. For Non-U.S. account holders utilizing this Site, we will use and share your account information in accordance with the privacy disclosure that covers your account and with the privacy and security rules applicable to the Bank of America affiliate or subsidiary that provides that account to you.
For additional Privacy Notices and practices information, please review the Frequently Asked Questions (FAQs) located on the site. Please note the terms and conditions of this Notice control. By using the Site, you agree to the terms and conditions of this Notice.
Collecting and Using Information
Personal Information We Collect Online
Personal Information means personally identifiable information such as information you provide via forms, surveys, applications or other online fields including name, postal or email addresses, telephone, fax or mobile numbers, or account numbers.
How We Use Personal Information
We may use Personal Information:
- to respond to your inquiries and fulfill your requests;
- to send you important information regarding the Site, changes to terms, conditions, and policies and/or other administrative information;
- to send you marketing communications that we believe may be of interest to you;
- to personalize your experience on the Site by presenting content, ads or offers tailored to you;
- to allow you to apply for products or services (e.g., to prequalify for a mortgage, apply for a credit card, or to open a retirement account, investment account or other financial product) and evaluate your eligibility for such products or services;
- to verify your identity and/or location (or the identity or location of your representative or agent) in order to allow access to your accounts, conduct online transactions and to maintain measures aimed at preventing fraud and protecting the security of account and Personal Information;
- to allow you to participate in surveys, sweepstakes, contests and similar promotions and to administer these activities. Some of these activities have additional rules, which may contain additional information about how Personal Information is used and shared;
- to allow you to use Site financial planning tools. Please note that some planning tools require that you provide Personal Information to use (e.g., mortgage interest rate tracker), whereas others do not (e.g., mortgage calculator). Information that you enter into one of these planning tools may be stored for future access and use. You have the option not to save the information;
- collected through aggregation services such as My Portfolio® and My Financial Picture® in order to consolidate your financial account information at one online location; understand what product or service may be of interest to you; and present you with offers;
- collected through our social media pages and interactions with you to assist in verifying your identity and account status. We may combine this information with information we already have;
- for business purposes, including data analysis, audits, developing and improving products and services, enhancing the Site, identifying usage trends and determining the effectiveness of promotional campaigns;
- for risk control, for fraud detection and prevention, to comply with laws and regulations, and to comply with other legal process and law enforcement requirements;
- to allow you to utilize features within our Sites by granting us access to information from your device such as contact lists, or geo-location when you request certain services that are dependent on your physical location.
How Personal Information is Shared
Please see the Bank of America U.S. Consumer Privacy Notice for information on how Personal Information may be shared.
Other Information We Collect Online
Other Information is any information other than Personal Information that does not reveal your specific identity or does not directly relate to an individual, such as browser information, information collected through cookies, pixel tags and other technologies, demographic information, other information provided by you such as your date of birth or household income, and aggregated and de-identified data.
How We Collect and Use Other Information
We and our third-party service providers may collect and use Other Information in a variety of ways, including:
- Through your browser: Certain information is collected by most browsers, such as your Media Access Control (MAC) address, device type, screen resolution, operating system version and internet browser type and version. We use this information to ensure Sites function properly and for security purposes.
- Using cookies: Cookies are pieces of information stored directly on the device you are using. Cookies we use do not contain or capture unencrypted Personal Information. Cookies allow us to collect information such as browser type, time spent on the Site, pages visited, language preferences, and your relationship with us. We use the information for security purposes, to facilitate navigation, to display information more effectively, to personalize/customize your experience while visiting the Site, and to recognize your device to allow your use of our online products and services. We collect statistical information about the usage of the Site in order to continually improve the design and functionality, to monitor responses to our advertisements and content, to understand how account holders and visitors use the Site and to assist us with resolving questions regarding the Site. We also utilize cookies for our online advertising purposes. Please see the Advertising section below for more information.
You can refuse to accept these cookies and most devices and browsers offer their own privacy settings for cookies. You will need to manage your cookie settings for each device and browser you use. However, if you do not accept these cookies, you may experience some inconvenience in your use of the Site and some online products and services. For example, we will not be able to recognize your device and you will need to answer a challenge question each time you log on. You also may not receive customized advertising or other offers from us that may be relevant to your interests and needs.
- Using pixel tags, web beacons, clear GIFs or other technologies: These may be used in connection with some Site pages, downloadable mobile applications and HTML-formatted email messages to measure the effectiveness of our communications, the success of our marketing campaigns, compile statistics about usage and response rates, and to assist us in resolving account holders’ questions regarding use of our Site.
- Flash objects: As part of our solutions for online authentication, we use Flash objects (sometimes referred to as “Local Shared Objects”) to help us recognize you and your device when you come back to the Site. For our pages running Adobe® Flash® content (demos and tutorials with moving content), we use Flash objects to determine your browser type and version of Adobe Flash in order for you to view the content. We never store Personal Information in these Flash object files unless encrypted. We do not use Flash objects for any online behavioral advertising purpose. Deleting cookies does not delete Flash objects. You can learn more about Flash objects - including how to control and disable them - through the Adobe interface. If you choose to disable Flash objects from our Site, then you may not be able to access and use all or part of the Site or benefit from the information and services offered.
- IP Address: Your IP Address is a number that is automatically assigned to the device that you are using by your Internet Service Provider (ISP). An IP Address is identified and logged automatically in our server log files whenever a user visits the Site, along with the time of the visit and the page(s) that were visited. Collecting IP Addresses is standard practice on the internet and is done automatically by many web sites. We use IP Addresses for purposes such as calculating Site usage levels, helping diagnose server problems, for compliance and security purposes and administering the Site.
- Aggregated and De-identified Data: Aggregated and De-identified Data is data that we may create or compile from various sources, including but not limited to accounts and transactions. This information, which does not identify individual account holders, is used for our business purposes, which may include offering products or services, research, marketing or analyzing market trends, and other purposes consistent with applicable laws.
Bank of America advertises on pages within the Sites (including mobile downloadable apps) as well as on other websites and mobile apps not affiliated with Bank of America. Information collected by us or our advertising service providers through cookies and other technologies includes the number of people who look at each of the pages on the Sites, search engine referrals, browsing patterns within the Sites, and responses to advertisements and promotions on the Sites and on websites and apps where we advertise.
Advertising on our Sites
Bank of America advertises our products and services, including prescreened offers of credit, on pages within the Sites. These advertisements may take the form of banner ads, splash ads (ads that appear as you sign on or sign off of your online accounts), and other formats.
Relationship based advertising
Bank of America may customize content and advertisements for our products and services
on the Sites we own. In order to make the content and advertising as informative and useful as
possible, we may use information about your relationship with us (such as types of accounts,
transactional information or the state in which you bank).
Online Behavioral Advertising
We also use advertising service providers to help us determine which of our advertisements
are most likely to be of interest to you using certain Other Information such as web pages
visited, search keywords entered, or your activities on our Site. We limit access and collection of
information for specific purposes by advertising service providers.
If you prefer we not use relationship based and/or certain Other Information to provide customized content and advertising you may opt out of relationship based or online behavioral advertising on our Sites.
Please note that if you opt out of either relationship based or online behavioral advertising on our Sites, you may still receive generic online advertising from Bank of America. When you access account servicing areas (i.e. after sign-in), such as Online Banking or MyMerrill, you may see customized content and advertising based on your account relationships. Opting out means that the content and advertising you receive on our non-servicing sites (i.e. before sign-in) will be generic and will not be based on your relationship, preferences or behavior. See Important Reminder section below.
Advertising on third party sites
Bank of America contracts with advertising companies to advertise our products and services on websites and mobile apps not affiliated with us. We may use Aggregated and De-identified Data and information provided by you to these third party websites to select which of our advertisements or offers may appeal to you, display them to you and monitor your responses. Third Party websites are not subject to Bank of America Privacy Notices. Please visit the individual websites for additional information on their data and privacy practices and opt-out policies.
Online Behavioral Advertising
Some of our customized ads are behavioral advertising, and may be served using data collected
through cookies and other technologies by third party websites. Cookies placed on our behalf
by these companies, do not contain or capture Personal Information. We limit companies that
place our ads from using information for any purpose other than to assist us in our advertising
Bank of America has adopted the use of the Advertising Options Icon on our behavioral
ads (excluding ads appearing on platforms that do not accept the icon). Anyone receiving
a behavioral ad may click on the displayed icon to receive more information and can
mechanism, if any.
You may also opt-out of receiving behavioral ads from many websites through the
Network Advertising Initiative's Opt-Out Tool or other tools provided by the publishing
Please note that if you opt-out, you may still receive generic online advertising from Bank of America. Opting out from a specific third party website means that the ads you receive will not be based on your preferences or behavior.
In order for relationship based or behavioral advertising opt-outs from our Sites and other sites to work on your device, your browser must be set to accept cookies. If you delete cookies, buy a new device, access our Site or other sites from a different device, login under a different screen name, or change web browsers, you will need to opt-out again. If your browser has scripting disabled, you do not need to opt- out, as relationship based or online behavioral advertising technology does not work when scripting is disabled. Please check your browser's security settings to validate whether scripting is active or disabled.
Bank of America's Mobile Applications for U.S. accounts ("Applications") allows you to access your account balances and holdings, make deposits, transfers and pay bills on your mobile device. This Notice applies to any Personal Information or Other Information that we may collect through the Applications.
Linking to other sites
We may provide links to third party websites, such as credit bureaus, service providers or merchants. If you follow links to websites not affiliated or controlled by Bank of America, you should review their privacy and security policies and other terms and conditions, as they may be different from those of our Sites. Bank of America does not guarantee and is not responsible for the privacy or security of these websites, including the accuracy, completeness, or reliability of their information.
Social media sites
To protect Personal Information from unauthorized access and use, we use security measures that comply with applicable federal and state laws. These measures may include device safeguards and secured files and buildings as well as oversight of our third party service providers to ensure information remains confidential and secure. Please visit bankofamerica.com/security for additional information.
Using other aggregation websites
Other companies offer aggregation websites and services that allow you to consolidate your financial account information from different sources (such as your accounts with us or with other financial institutions) so that you can view all your account information at one online location. To do this, an aggregation provider may request access to Personal Information, such as financial information, usernames and passwords. You should use caution and ensure that the aggregator company has appropriate policies and practices to protect the privacy and security of any information you provide or to which they are gaining access. We are not responsible for the use or disclosure of any Personal Information accessed by any company or person to whom you provide your Site username and password.
If you provide your Site username, password or other information about your accounts with us to an aggregation website, we will consider that you have authorized all transactions or actions initiated by an aggregation website using access information you provide, whether or not you were aware of a specific transaction or action. If you decide to revoke the authority you have given to an aggregation website, we strongly recommend that you change your password for the Site to ensure that the aggregation website cannot continue to access your account.
Making sure information is accurate
Keeping your account information accurate and up to date is very important. If your account information is incomplete, inaccurate or not current, please use the Contact Us option on our Site, or call or write to us at the telephone numbers or appropriate address for changes listed on your account statements, records, online or other account materials. You can also speak to a customer representative at a banking center, your Financial Advisor or account representative.
Protecting children’s privacy online
The Site is not directed to individuals under the age of thirteen (13), and we request that these individuals do not provide Personal Information through the Site. We do not knowingly collect information from children under 13 without parental consent. Visit the Federal Trade Commission website for more information about the Children's Online Privacy Protection Act (COPPA).
Protecting individual health information
To the extent that we receive, maintain, or process an individual's protected health information, Bank of America may disclose that information electronically as authorized by and in accordance with applicable federal and/or state law.
Updates to this Privacy Notice
This U.S. Online Privacy Notice is subject to change. Please review it periodically. If we make changes to the U.S. Online Privacy Notice, we will revise the “Last Updated” date at the top of this Notice. Any changes to this Notice will become effective when we post the revised Notice on the Site. Your use of the Site following these changes means that you accept the revised Notice.