Bank of America U.S. Online Privacy Notice
Last updated July 24, 2014
This U.S. Online Privacy Notice (Notice) applies to this Bank of America online interface (i.e., website or mobile application) and any Bank of America U.S. affiliate or subsidiary online interface that links to this Notice, (each, a Site, and, collectively, Sites). The term "Bank of America" or "we" or "us" or "our" in this Notice refers to banking and non-banking U.S. affiliates or subsidiaries of Bank of America Corporation that link to this Notice. This Notice describes how Sites may collect, use and share information from or about you, and explains how information may be collected and used for advertising purposes.
Bank of America provides other online interfaces not covered by this Notice. If you visit or access your accounts from one of these sites, please review the online privacy practices of that site to understand how your online information may be collected, used and shared.
For U.S. account holders and visitors to this Site, we will use and share any information that we collect from or about you in accordance with the Bank of America U.S. Consumer Privacy Notice, which provides choices in the use and sharing of information. For Non-U.S. account holders utilizing this Site, we will use and share your account information in accordance with the privacy disclosure that covers your account and with the privacy and security rules applicable to the Bank of America affiliate or subsidiary that provides that account to you.
Additional information on our Privacy & Security practices may be found on our Sites and within Frequently Asked Questions (FAQs). Although the additional information is provided as a resource, the terms and conditions of this Notice control, and by using the Site, you agree to the terms and conditions of this Notice.
Collecting and Using Information
Personal Information We Collect Online
Personal Information means personally identifiable information such as information you provide via forms, surveys, applications or other online fields including name, postal or email addresses, telephone, fax or mobile numbers, or account numbers.
How We Use Personal Information
We may use Personal Information:
- to respond to your inquiries and fulfill your requests;
- to inform you about important information regarding the Site, products or services for which you apply or may be interested in applying for, or in which you are already enrolled, changes to terms, conditions, and policies and/or other administrative information;
- to deliver marketing communications that we believe may be of interest to you, including, ads or offers tailored to you;
- to personalize your experience on the Site;
- to allow you to apply for products or services (e.g., to prequalify for a mortgage, apply for a credit card, or to open a retirement account, investment account or other financial product) and evaluate your eligibility for such products or services;
- to verify your identity and/or location (or the identity or location of your representative or agent) in order to allow access to your accounts, conduct online transactions and to maintain measures aimed at preventing fraud and protecting the security of account and Personal Information;
- to allow you to participate in surveys and other forms of market research, sweepstakes, contests and similar promotions and to administer these activities. Some of these activities have additional rules, which may contain additional information about how Personal Information is used and shared;
- to allow you to use some Site financial planning tools. Information that you enter into one of these planning tools may be stored for future access and use. You have the option not to save the information;
- collected through aggregation services such as My Portfolio® and My Financial Picture® in order to consolidate your financial account information at one online location; understand what product or service may be of interest to you; and present you with offers;
- collected through our social media pages and other online interactions with you to assist in verifying your identity and account status. We may combine this online information with information collected from offline sources or information we already have;
- for business purposes, including data analysis, audits, developing and improving products and services, enhancing the Site, identifying usage trends and determining the effectiveness of promotional campaigns;
- for risk control, for fraud detection and prevention, to comply with laws and regulations, and to comply with other legal process and law enforcement requirements;
- to allow you to utilize features within our Sites by granting us access to information from your device such as contact lists, or geo-location when you request certain services.
How Personal Information is Shared
Please see the Bank of America U.S. Consumer Privacy Notice for information on how Personal Information may be shared and how you may be able to limit certain types of sharing.
Other Information We Collect Online
Other Information is any information other than Personal Information that does not reveal your specific identity or does not directly relate to an individual, such as browser information, information collected through cookies, pixel tags and other technologies, demographic information, other information provided by you such as your date of birth or household income, and aggregated and de-identified data.
How We Collect and Use Other Information
We and our third-party service providers may collect and use Other Information in a variety of ways, including:
- Through your browser or device: Certain information is collected by most browsers and/or through your device, such as your Media Access Control (MAC) address, device type, screen resolution, operating system version and internet browser type and version. We use this information to ensure Sites function properly, for fraud detection and prevention, and security purposes.
- Using cookies: Cookies are pieces of information stored directly on the device you are using. Cookies we use do not contain or capture unencrypted Personal Information. Cookies allow us to collect information such as browser type, time spent on the Site, pages visited, language preferences, and your relationship with us. We use the information for security purposes, to facilitate navigation, to display information more effectively, to personalize/tailor your experience while engaging with us, and to recognize your device to allow your use of our online products and services. We collect statistical information about the usage of the Site in order to continually improve the design and functionality, to monitor responses to our advertisements and content, to understand how account holders and visitors use the Site and to assist us with resolving questions regarding the Site. We also utilize cookies for advertising purposes. Please see the Advertising section below for more information.
You can refuse to accept these cookies and most devices and browsers offer their own privacy settings for cookies. You will need to manage your cookie settings for each device and browser you use. However, if you do not accept these cookies, you may experience some inconvenience in your use of the Site and some online products and services. For example, we will not be able to recognize your device and you will need to answer a challenge question each time you log on. You also may not receive tailored advertising or other offers from us that may be relevant to your interests and needs.
- Other technologies including pixel tags, web beacons, and clear GIFs: These may be used in connection with some Site pages, downloadable mobile applications and HTML-formatted email messages to measure the effectiveness of our communications, the success of our marketing campaigns, to compile statistics about usage and response rates, to personalize/tailor your experience while engaging with us online and offline, for fraud detection and prevention, for security purposes, for advertising, and to assist us in resolving account holders’ questions regarding use of our Site. Please see our Advertising section below for more information regarding our use of other technologies.
- Flash objects: As part of our solutions for online authentication, we use Flash objects (sometimes referred to as “Local Shared Objects”) to help us recognize you and your device when you come back to the Site. For our pages running Adobe® Flash® content (demos and tutorials with moving content), we use Flash objects to determine your browser type and version of Adobe Flash in order for you to view the content. We do not use Flash objects for any online behavioral advertising purpose. Deleting cookies does not delete Flash objects. You can learn more about Flash objects - including how to control and disable them - through the Adobe interface. If you choose to disable Flash objects from our Site, then you may not be able to access and use all or part of the Site or benefit from the information and services offered.
- IP Address: Your IP Address is a number that is automatically assigned to the device that you are using by your Internet Service Provider (ISP). An IP Address is identified and logged automatically in our server log files whenever a user visits the Site, along with the time of the visit and the page(s) that were visited. Collecting IP Addresses is standard practice on the internet and is done automatically by many web sites. We use IP Addresses for purposes such as calculating Site usage levels, helping diagnose server problems, to personalize/tailor your experience while engaging with us online and offline, for compliance and security purposes, for advertising, and administering the Site. Please see the Advertising section below for more information.
- Aggregated and De-identified Data: Aggregated and De-identified Data is data that we may create or compile from various sources, including but not limited to accounts and transactions. This information, which does not identify individual account holders, may be used for our business purposes, which may include offering products or services, research, marketing or analyzing market trends, and other purposes consistent with applicable laws.
Third party widgets – we may allow certain widgets (e.g., social share buttons) on our Sites that enable users to easily share information on another platform, such as a social media platform. The third parties that own these widgets may have access to information about your browsing on pages of our Sites where these widgets are placed. You may wish to review information at the third party site, such as social media platforms where you have an account, to determine how these third parties collect and treat such information. Also, see Linking to other sites and Social media sites below.
Bank of America advertises online (e.g., pages within our Sites and mobile apps through bank managed social media presences, and on other sites and mobile apps not affiliated with Bank of America) and offline (e.g. in banking centers, through call centers, and direct marketing). In order to understand how advertising performs, we may collect certain information on our Sites and other sites and mobile apps through our advertising service providers using cookies, IP addresses, and other technologies. The collected information may include the number of page visits, pages viewed on our Sites, search engine referrals, browsing activities over time and across other sites following your visit to one of our Sites or apps, and responses to advertisements and promotions on the Sites and on sites and apps where we advertise.
Bank of America uses information described in this Notice to help advertise our products and services, including prescreened offers of credit, in a variety of ways. We use such information to:
How we tailor ads:
Relationship based advertising
In order to help make our advertising informative and useful, we may use information about your relationship with us (such as types of accounts, transactional information or the state in which you bank) to help determine which advertisements or offers to present to you.
Online Behavioral Advertising
We or our advertising service providers may use certain information about your activities on our Sites, such as pages visited and search key words entered to help determine which of our advertisements or offers may be of interest to you. We limit access and collection of information for specific purposes by advertising service providers. We may use this online information for online and offline advertising.
Advertising on third party sites and mobile apps
Bank of America contracts with advertising companies to advertise our products and services on sites and mobile apps not affiliated with us. We may use Aggregated and De-identified Data and information provided by you to these third party sites and mobile apps to select which of our advertisements or offers may appeal to you, display them to you and monitor your responses. Third Party sites and mobile apps are not subject to Bank of America Privacy Notices. Please visit the individual sites and mobile apps for additional information on their data and privacy practices and opt out policies.
Online Behavioral Advertising on third party sites and mobile apps
Some of our tailored ads are online behavioral advertising, and may be served using data collected by third party providers. Ads served on our behalf by these companies do not contain unencrypted Personal Information and we limit the use of information by companies that serve our ads. To learn more about this practice and your choices in connection with it, see the section Advertising Choices below
You may set your choices for advertising in the following ways:
Online Behavioral Advertising: If you prefer we not use information based on online Site behavior to provide online and offline tailored content and advertising, you may opt out of online behavioral advertising.
Opting out also means that the online content and advertising you receive on our non-servicing sites (i.e. before sign-in) will be untailored and will not be based on your online behavior or your relationship.
Please note that if you opt out of this advertising, you may still receive untailored advertising from Bank of America. When accessing online account servicing areas (i.e. after sign-in), such as Online Banking or MyMerrill, you may receive tailored content and advertising based on your account relationships. In addition, financial advisors/Client Managers may continue to use information collected online as described in this Notice to provide details on products and services in accordance with account agreements. See Important Reminder section below.
Bank managed Direct Marketing: If you prefer we not deliver you marketing offers in email, postal mail or through telemarketing you may manage your direct marketing choices online or:
- by telephone at 1.888.341.5000 -our menu will prompt you through the choices,
- through your assigned account representative (e.g., Financial Advisor, Mortgage Loan Officer) or a representative at a banking center
You may also opt out of receiving behavioral ads from many sites through the Network Advertising Initiative's Opt-Out Tool or other tools provided by the publishing platform.
Please note that if you opt out, you may still receive untailored online advertising from Bank of America. Opting out from a specific third party site means that the ads you receive will not be tailored based on your choices or behavior.
In order for online behavioral advertising opt outs from our Sites and on other sites to work on your device, your browser must be set to accept cookies. If you delete cookies, buy a new device, access our Site or other sites from a different device, login under a different screen name, or change web browsers, you will need to opt-out again. If your browser has scripting disabled, you do not need to opt out, as online behavioral advertising technology does not work when scripting is disabled. Please check your browser's security settings to validate whether scripting is active or disabled.
Bank of America's Mobile Applications for U.S. accounts ("Applications") allows you to access your account balances and holdings, make deposits, transfers and pay bills on your mobile device. This Notice applies to any Personal Information or Other Information that we may collect through the Applications.
Linking to other sites
We may provide links to third party sites, such as credit bureaus, service providers or merchants. If you follow links to sites not affiliated or controlled by Bank of America, you should review their privacy and security policies and other terms and conditions, as they may be different from those of our Sites. Bank of America does not guarantee and is not responsible for the privacy or security of these sites, including the accuracy, completeness, or reliability of their information.
Social media sites
To protect Personal Information from unauthorized access and use, we use security measures that comply with applicable federal and state laws. These measures may include device safeguards and secured files and buildings as well as oversight of our third party service providers to ensure information remains confidential and secure. Please visit bankofamerica.com/security for additional information.
Using other aggregation websites
Other companies offer aggregation websites and services that allow you to consolidate your financial account information from different sources (such as your accounts with us or with other financial institutions) so that you can view all your account information at one online location. To do this, an aggregation provider may request access to Personal Information, such as financial information, usernames and passwords. You should use caution and ensure that the aggregator company has appropriate policies and practices to protect the privacy and security of any information you provide or to which they are gaining access. We are not responsible for the use or disclosure of any Personal Information accessed by any company or person to whom you provide your Site username and password.
If you provide your Site username, password or other information about your accounts with us to an aggregation website, we will consider that you have authorized all transactions or actions initiated by an aggregation website using access information you provide, whether or not you were aware of a specific transaction or action. If you decide to revoke the authority you have given to an aggregation website, we strongly recommend that you change your password for the Site to ensure that the aggregation website cannot continue to access your account.
Making sure information is accurate
Keeping your account information accurate and up to date is very important. If your account information is incomplete, inaccurate or not current, please use the Contact Us option on our Site, or call or write to us at the telephone numbers or appropriate address for changes listed on your account statements, records, online or other account materials. You can also speak to a customer representative at a banking center, your Financial Advisor or account representative.
Protecting children’s privacy online
The Site is not directed to individuals under the age of thirteen (13), and we request that these individuals do not provide Personal Information through the Site. We do not knowingly collect information from children under 13 without parental consent. Visit the Federal Trade Commission website for more information about the Children's Online Privacy Protection Act (COPPA).
Protecting individual health information
To the extent that we receive, maintain, or process an individual's protected health information, Bank of America may disclose that information as authorized by and in accordance with applicable federal and/or state law.
Updates to this Privacy Notice
This U.S. Online Privacy Notice is subject to change. Please review it periodically. If we make changes to the U.S. Online Privacy Notice, we will revise the “Last Updated” date at the top of this Notice. Any changes to this Notice will become effective when we post the revised Notice on the Site. Your use of the Site following these changes means that you accept the revised Notice.