Skip to main content
Privacy & Security
Bank of America Privacy and Security Get information about privacy and security at Bank of America. Learn how we can help you protect your accounts and what you can do to help stay secure. bank of america security, bank of america privacy notice, bank of america privacy and security

Bank of America Security Center

Here’s what you need to know (and do) to stay as safe as possible

You can add layers of security to your Online Banking and Mobile Banking app. See how to manage enhanced authentication

 

  • Hide How we protect your accounts and identity

     

    What you need to know:

    • Client security is our top priority, and every partner and colleague is held to strict privacy and information security rules
    • Our global information security team monitors 24/7 for potential threats
    • We’ll never ask you to send us personal information such as an account number, card PIN or Social Security or Tax ID over text or email. If you do receive a request like this or any other suspicious phishing email, please forward it to us at abuse@bankofamerica.com. We will only reply to your message if we require additional information.

    What you need to do:

    • Be sure to keep your contact information, especially your cell phone number and email address, current
    • Verify your card: Verify Your Visa Card is With You allows us to approve transactions when you travel
    • If you use the Bank of America Mobile Banking app, allow push alerts, and be sure to review and respond to alerts promptly
    • When using your mobile device, turn on location services when making a purchase or signing in to add location-based anti-fraud and security permissions
    • Request your free credit report(s) annually and review them for inaccuracies. You can get complete information about obtaining your report(s) at AnnualCreditReport.com.
    • Review the recommendations on the What you can do tab of our account and card security page
  • Show How we protect your privacy

     

    What you need to know:

    • Privacy notices explain how we collect, use and share information. You can manage your marketing preferences and limit the sharing of certain information by updating your individual Bank of America privacy choices.
    • Review the U.S. Online Privacy Notice and the U.S. Consumer Privacy Notice on the bottom of this page
    • You can set your privacy choices (it’s easy, and it only takes a few minutes)
  • Show How you can help protect your accounts

     

    What you need to know:

    • We’ll never ask you to send us personal information (like your Social Security number or ATM PIN) over text or email. If you do receive a request like this, please forward it to us at abuse@bankofamerica.com. Our team reviews all submissions; we will only reply to your message if we require additional information.
    • We fully authenticate all of our emails. Make sure the email address we have on file for you is not a forwarded email (for example, you might forward mail from your college.edu address to your gmail.com account).

    What you need to do:

    • If you receive an email that appears to be from Bank of America and ends up in a junk folder, leave it there
    • Use a strong, unique password for each of your accounts. Memorize them and use multi-factor authentication, like fingerprint or one-time authorization code, where available. Learn more about creating strong passwords
    • Review our fraud prevention checklist for steps you can take to help establish a strong defense against fraud
    • If you’re a victim of fraud, we're here to help. We'll cancel your card and issue a replacement immediately, and you won’t be liable for any fraudulent activity.Footnote1 See What to do if you think your identity has been stolen
    • Avoid sending confidential information through unsecured email, fax or texts to reduce the risk of it being improperly accessed.
  • Show How you can help protect your identity

     

    What you need to know:

    • Identity theft occurs when someone uses your personal information to commit fraudulent acts (like withdrawing money from your account, opening new credit cards or applying for loans or employment)
    • Common signs of identity theft include:
      • Unauthorized withdrawals from your account
      • Bills for unfamiliar debt or failure to receive bills
      • Suspicious charges on your account
      • New accounts or loans you didn’t apply for
      • Being denied credit unexpectedly
      • The IRS notifying you that more than 1 tax return was filed in your name, or that you have income from an employer you don't work for

    What you need to do:

    • Review your statements for unusual transactions or suspicious charges
    • Be sure to keep your contact information (especially your cell phone number and email address) current.
    • Enroll in Verify Your Visa Card is With You to allow us to approve transactions when you travel.
    • If you use the Bank of America Mobile Banking app, allow push alerts and be sure to review and respond to alerts promptly
    • Review our fraud prevention checklist for steps you can take to help establish a strong defense against fraud
    • Learn more about online security and privacy
    • Make the default ID for your internet router unique to you; change the password to make it more difficult for hackers to access your network
  • Show How you can help protect your computer

     

    What you need to know:

    Taking proper precautions helps to make sure your personal and financial information — as well as your identity — remains safe.

    What you need to do:

    • Use a strong, unique password for each of your accounts. Memorize them and use multi-factor authentication where available. Learn more about creating strong passwords
    • Only download software or applications from well-known or reputable sources, such as Apple, Google Play or Microsoft. Check the logos, developer names and reviews to spot fake applications. Scammers count on users being too busy to see differences that can make fake software easier to spot.
    • Install any operating system and software updates (sometimes called patches or service packs)
    • Turn off Wi-Fi and Bluetooth services when you're not using them, and avoid using public Wi-Fi for financial transactions unless you use a secure, private connection, like VPN software.
    • Back up your data regularly. If you use online or cloud storage, be sure you understand your provider's privacy and security policies and keep your access codes safe.
    • Use the administrator log in on your home computer only for creating new users and installing software. If you use administrator accounts when browsing the internet, banking or reading email, the risk of malicious code entering your computer without detection is much greater. Create standard user accounts for yourself and everyone in your family to limit your exposure.
    • Review our fraud prevention checklist for steps you can take to help establish a strong defense against fraud
  • Show How you can help protect your smartphone

     

    What you need to know:

    Our Mobile Banking service incorporates the convenience you want with industry-leading safety and security features that help provide peace of mind.

    What you need to do:

    • Be sure to keep your contact information (especially your cell number and email address) current
    • If you use the Bank of America Mobile Banking app, allow push alerts, and be sure to review and respond to alerts promptly
    • Set a security code/PIN or fingerprint sign-in and enable remote wipe and find my phone features to make sure you're covered if your phone is lost
    • Only download software or applications from well-known or trusted sources–and never click a link from an unknown source or sender
    • Install system and software updates (sometimes called patches or service packs)
    • Turn off Wi-Fi and Bluetooth services when you’re not using them, and avoid using public Wi-Fi for financial transactions unless you use a secure, private connection, like VPN software.
    • Never root or jailbreak your own mobile device to gain access to unofficial applications. This practice may lead to security vulnerabilities and the inability to apply future software updates from the vendor.
    • Review our fraud prevention checklist for more helpful steps
  • Show How you can identify and avoid scams

     

    What you need to know:

    • We work hard to ensure that any Bank of America content you’re receiving is really from Bank of America
    • We’ll never ask you to send us personal information such as an account number, card PIN or Social Security or Tax ID over text or email. If you do receive a request like this or any other suspicious phishing email, please forward it to us at abuse@bankofamerica.com. We will only reply to your message if we require additional information.
    • Scammers use a variety of techniques – here are a few examples.
      • Using compromised business email addresses and impersonating executives, real estate agents, attorneys or others to insist that you redirect planned wire transfers to fraudulent accounts. Learn about business email compromise on the FBI website
      • Sending mailers to older adults that request the payment of a small fee in order to receive a big sweepstakes prize.
      • Posing as government officials, security officers, tax collectors, tech support or even as Bank of America. The scammer may say they’re helping you resolve an issue, can assist with a software license renewal or that there’s fraud on your account.

    See how to spot email scams

    What you need to do:

    • If you receive a suspicious call, text or email from someone claiming to be from Bank of America, do not respond, click links or open attachments. If this has happened to you, contact us right away at 800.432.1000.
    • If you’re being asked to send money or provide information as the result of a call, text or email, here are some questions you need to consider:
      • Is the requestor rushing or pressuring you?
      • Is the person asking for money someone you’ve never met?
      • If a business is requesting that you wire money or send funds online, is it to a new account number or different from what was described on initial paperwork?
      • Is the phone number that’s calling you (from, for example, your title company, contractor or attorney) different than usual?
      • Are you being pressured to send money to claim lottery funds or some other form of prize?

    If you can answer yes to any of these, think carefully about the request to send money. It may be a scam.

  • Show How you can help protect your business

     

    What you need to know:

    • There’s a growing type of fraud called business email compromise. Learn about business email compromise on the FBI website
    • Business identity fraud has become surprisingly common because of the easy accessibility of business information, including website data, company name and staff rosters

    What you need to do:

    • Minimize the risks by using your work computer for business, checking your domain name regularly and reviewing your business credit report
    • Know your customers’ habits, including their payment amounts, reasons and details. Look out for any significant changes to those habits – they might signal a fraud issue.
    • Ensure all business data is securely and regularly backed up. Test the recovery function of your backup procedures regularly to make sure your data is always retrievable.
    • Develop a plan for cybersecurity and fraud disaster recovery. For more fraud prevention best practices for small businesses, check out our Small Business Online Community.
    • For resources for larger businesses, explore information from our Bank of America Merrill Lynch Global Banking and Markets fraud page
    • Engage a trusted advisor to review your security controls and policies on at least an annual basis

Privacy notices explain how we collect, use and share information. You can easily manage your marketing preferences (direct mail, telephone and email) and limit certain information-sharing practices – it’s easy, and it takes just a few minutes.

 

U.S. Online Privacy Notice FULL PAGE VERSION

Bank of America U.S. Online Privacy Notice

Last updated May 1, 2018

This U.S. Online Privacy Notice (Notice) applies to this Bank of America online interface (i.e., website or mobile application) and any Bank of America U.S. affiliate or subsidiary online interface that links to this Notice, (each, a Site, and, collectively, Sites).  The term "Bank of America" or "we" or "us" or "our" in this Notice refers to banking and non-banking U.S. affiliates or subsidiaries of Bank of America Corporation that link to this Notice. This Notice describes how Sites may collect, use and share information from or about you, and explains how information may be collected and used for advertising purposes.

Bank of America provides other online interfaces not covered by this Notice. If you visit or access your accounts from one of these sites, please review the online privacy practices of that site to understand how your online information may be collected, used and shared.

For visitors to this Site, we will use and share any information that we collect on this site from or about you in accordance with the Bank of America U.S. Consumer Privacy Notice.

Additional information on our Privacy & Security practices may be found on our Sites and within Frequently Asked Questions (FAQs). Although the additional information is provided as a resource, the terms and conditions of this Notice control, and by using the Site, you agree to the terms and conditions of this Notice.

Collecting and Using Information

Personal Information We Collect Online

Personal Information means personally identifiable information such as information you provide via forms, surveys, applications or other online fields including name, postal or email addresses, telephone, fax or mobile numbers, or account numbers.

How We Use Personal Information

We may use Personal Information:

  • to respond to your inquiries and fulfill your requests;
  • to inform you about important information regarding the Site, products or services for which you apply or may be interested in applying for, or in which you are already enrolled, changes to terms, conditions, and policies and/or other administrative information;
  • to deliver marketing communications that we believe may be of interest to you, including, ads or offers tailored to you;
  • to personalize your experience on the Site;
  • to allow you to apply for products or services (e.g., to prequalify for a mortgage, apply for a credit card, or to open a retirement account, investment account or other financial product) and evaluate your eligibility for such products or services;
  • to verify your identity and/or location (or the identity or location of your representative or agent) in order to allow access to your accounts, conduct online transactions and to maintain measures aimed at preventing fraud and protecting the security of account and Personal Information;
  • to allow you to participate in surveys and other forms of market research, sweepstakes, contests and similar promotions and to administer these activities. Some of these activities have additional rules, which may contain additional information about how Personal Information is used and shared;
  • to allow you to use some Site financial planning tools. Information that you enter into one of these planning tools may be stored for future access and use. You have the option not to save the information;
  • collected through aggregation services such as My Portfolio® and My Financial Picture® in order to consolidate your financial account information at one online location; understand what product or service may be of interest to you; and present you with offers;
  • collected through our social media pages and other online interactions with you to assist in verifying your identity and account status. We may combine this online information with information collected from offline sources or information we already have;
  • for business purposes, including data analysis, audits, developing and improving products and services, enhancing the Site, identifying usage trends and determining the effectiveness of promotional campaigns;
  • for risk control, for fraud detection and prevention, to comply with laws and regulations, and to comply with other legal process and law enforcement requirements;
  • to allow you to utilize features within our Sites by granting us access to information from your device such as contact lists, or geo-location when you request certain services.

How Personal Information is Shared

Please see the Bank of America U.S. Consumer Privacy Notice for information on how Personal Information may be shared and how you may be able to limit certain types of sharing.

Other Information We Collect Online

Other Information is any information other than Personal Information that does not reveal your specific identity or does not directly relate to an individual, such as browser information, information collected through cookies, pixel tags and other technologies, demographic information, other information provided by you such as your date of birth or household income, and aggregated and de-identified data.

How We Collect and Use Other Information

We and our third-party service providers may collect and use Other Information in a variety of ways, including:

  • Through your browser or device: : Certain information is collected by most browsers and/or through your device, such as your Media Access Control (MAC) address, device type, screen resolution, operating system version and internet browser type and version. We use this information to ensure Sites function properly, for fraud detection and prevention, and security purposes.
  • Using cookies: Cookies are pieces of information stored directly on the device you are using. Cookies we use do not contain or capture unencrypted Personal Information. Cookies allow us to collect information such as browser type, time spent on the Site, pages visited, language preferences, and your relationship with us. We use the information for security purposes, to facilitate navigation, to display information more effectively, to personalize/tailor your experience while engaging with us, and to recognize your device to allow your use of our online products and services. We collect statistical information about the usage of the Site in order to continually improve the design and functionality, to monitor responses to our advertisements and content, to understand how account holders and visitors use the Site and to assist us with resolving questions regarding the Site. We also utilize cookies for advertising purposes. Please see the Advertising section below for more information.

    You can refuse to accept these cookies and most devices and browsers offer their own privacy settings for cookies. You will need to manage your cookie settings for each device and browser you use. However, if you do not accept these cookies, you may experience some inconvenience in your use of the Site and some online products and services. For example, we will not be able to recognize your device and you will need to answer a challenge question each time you log on. You also may not receive tailored advertising or other offers from us that may be relevant to your interests and needs.

  • Other technologies including pixel tags, web beacons, and clear GIFs: These may be used in connection with some Site pages, downloadable mobile applications and HTML-formatted email messages to measure the effectiveness of our communications, the success of our marketing campaigns, to compile statistics about usage and response rates, to personalize/tailor your experience while engaging with us online and offline, for fraud detection and prevention, for security purposes, for advertising, and to assist us in resolving account holders’ questions regarding use of our Site. Please see our Advertising section below for more information regarding our use of other technologies.
  • Flash objects: As part of our solutions for online authentication, we use Flash objects (sometimes referred to as “Local Shared Objects”) to help us recognize you and your device when you come back to the Site. For our pages running Adobe® Flash® content (demos and tutorials with moving content), we use Flash objects to determine your browser type and version of Adobe Flash in order for you to view the content. We do not use Flash objects for any online behavioral advertising purpose. Deleting cookies does not delete Flash objects. You can learn more about Flash objects - including how to control and disable them - through the Adobe interface. If you choose to disable Flash objects from our Site, then you may not be able to access and use all or part of the Site or benefit from the information and services offered.
  • IP Address: Your IP Address is a number that is automatically assigned to the device that you are using by your Internet Service Provider (ISP). An IP Address is identified and logged automatically in our server log files whenever a user visits the Site, along with the time of the visit and the page(s) that were visited. Collecting IP Addresses is standard practice on the internet and is done automatically by many web sites. We use IP Addresses for purposes such as calculating Site usage levels, helping diagnose server problems, to personalize/tailor your experience while engaging with us online and offline, for compliance and security purposes, for advertising, and administering the Site. Please see the Advertising section below for more information.
  • Aggregated and De-identified Data: Aggregated and De-identified Data is data that we may create or compile from various sources, including but not limited to accounts and transactions.  This information, which does not identify individual account holders, may be used for our business purposes, which may include offering products or services, research, marketing or analyzing market trends, and other purposes consistent with applicable laws.

Additional Information

Third party widgets – we may allow certain widgets (e.g., social share buttons) on our Sites that enable users to easily share information on another platform, such as a social media platform.  The third parties that own these widgets may have access to information about your browsing on pages of our Sites where these widgets are placed.  You may wish to review information at the third party site, such as social media platforms where you have an account, to determine how these third parties collect and treat such information.  Also, see Linking to other sites and Social media sites below.

Advertising

Bank of America advertises online (e.g., pages within our Sites and mobile apps through bank managed social media presences, and on other sites and mobile apps not affiliated with Bank of America) and offline (e.g. in banking centers, through call centers, and direct marketing). In order to understand how advertising performs, we may collect certain information on our Sites and other sites and mobile apps through our advertising service providers using cookies, IP addresses, and other technologies. The collected information may include the number of page visits, pages viewed on our Sites, search engine referrals, browsing activities over time and across other sites following your visit to one of our Sites or apps, and responses to advertisements and promotions on the Sites and on sites and apps where we advertise.

Bank of America uses information described in this Notice to help advertise our products and services, including prescreened offers of credit, in a variety of ways. We use such information to:

  • Present tailored ads, to you including:

    • Banner ads and splash ads that appear as you sign on or off of your online accounts on our Sites, within mobile banking and other mobility applications
    • E-mail, postal mail, and telemarketing, and,
    • On other sites and mobile apps not affiliated with Bank of America;
  • Analyze the effectiveness of our ads; and
  • Determine whether you might be interested in new products or services

How we tailor ads:

Relationship based advertising

In order to help make our advertising informative and useful, we may use information about your relationship with us (such as types of accounts, transactional information or the state in which you bank) to help determine which advertisements or offers to present to you.

Online Behavioral Advertising

We or our advertising service providers may use certain information about your activities on our Sites, such as pages visited and search key words entered to help determine which of our advertisements or offers may be of interest to you. We limit access and collection of information for specific purposes by advertising service providers. We may use this online information for online and offline advertising.

Advertising on third party sites and mobile apps

Bank of America contracts with advertising companies to advertise our products and services on sites and mobile apps not affiliated with us. We may use Aggregated and De-identified Data and information provided by you to these third party sites and mobile apps to select which of our advertisements or offers may appeal to you, display them to you and monitor your responses. Third Party sites and mobile apps are not subject to Bank of America Privacy Notices. Please visit the individual sites and mobile apps for additional information on their data and privacy practices and opt out policies.

Online Behavioral Advertising on third party sites and mobile apps

Some of our tailored ads are online behavioral advertising, and may be served using data collected by third party providers. Ads served on our behalf by these companies do not contain unencrypted Personal Information and we limit the use of information by companies that serve our ads. To learn more about this practice and your choices in connection with it, see the section Advertising Choices below

Advertising Choices

You may set your choices for advertising in the following ways:

Online Behavioral Advertising: If you prefer we not use information based on online Site behavior to provide online and offline tailored content and advertising, you may opt out of online behavioral advertising.

Opting out also means that the online content and advertising you receive on our non-servicing sites (i.e. before sign-in) will be untailored and will not be based on your online behavior or your relationship.

Please note that if you opt out of this advertising, you may still receive untailored advertising from Bank of America. When accessing online account servicing areas (i.e. after sign-in), such as Online Banking or MyMerrill, you may receive tailored content and advertising based on your account relationships. In addition, financial advisors/Client Managers may continue to use information collected online as described in this Notice to provide details on products and services in accordance with account agreements. See Important Reminder section below.

Bank managed Direct Marketing:  If you prefer we not deliver you marketing offers in email, postal mail or through telemarketing you may manage your direct marketing choices online  or:

  • by telephone at 888.341.5000 — our menu will prompt you through the choices,
  • through your assigned account representative (e.g., Financial Advisor, Mortgage Loan Officer) or a representative at a banking center

Advertising on third party sites: Bank of America participates in the Digital Advertising Alliance (DAA) self-regulatory program, uses the  Advertising Options Icon on our behavioral ads on third party sites (excluding ads appearing on platforms that do not accept the icon) and adheres to the DAA self-regulatory Principles for Online Behavioral Advertising. Anyone receiving a behavioral ad may click on the displayed icon to receive more information and can opt out at that time or by visiting the third party site's privacy policy for an opt out mechanism.

You may also opt out of receiving behavioral ads from many sites through the Network Advertising Initiative's Opt-Out Tool or other tools provided by the publishing platform.

Please note that if you opt out, you may still receive untailored online advertising from Bank of America. Opting out from a specific third party site means that the ads you receive will not be tailored based on your choices or behavior.

Important Reminder

In order for online behavioral advertising opt outs from our Sites and on other sites to work on your device, your browser must be set to accept cookies. If you delete cookies, buy a new device, access our Site or other sites from a different device, login under a different screen name, or change web browsers, you will need to opt-out again. If your browser has scripting disabled, you do not need to opt out, as online behavioral advertising technology does not work when scripting is disabled. Please check your browser's security settings to validate whether scripting is active or disabled.

Mobile Applications

Bank of America's Mobile Applications for U.S. accounts ("Applications") allows you to access your account balances and holdings, make deposits, transfers and pay bills on your mobile device.  This Notice applies to any Personal Information or Other Information that we may collect through the Applications.

Linking to other sites

We may provide links to third party sites, such as credit bureaus, service providers or merchants. If you follow links to sites not affiliated or controlled by Bank of America, you should review their privacy and security policies and other terms and conditions, as they may be different from those of our Sites. Bank of America does not guarantee and is not responsible for the privacy or security of these sites, including the accuracy, completeness, or reliability of their information.

Social media sites

Bank of America provides experiences on social media platforms including, but not limited to, Facebook®, Twitter®, YouTube® and LinkedIn® that enable online sharing and collaboration among users who have registered to use them. Any content you post on official Bank of America managed social media pages, such as pictures, information, opinions, or any Personal Information that you make available to other participants on these social platforms, is subject to the Terms of Use and Privacy Policies of those respective platforms. Please refer to them to better understand your rights and obligations with regard to such content.  In addition, please note that when visiting any official Bank of America social media pages, you are also subject to Bank of America's Privacy Notices and Social Media User Terms.

Security

To protect Personal Information from unauthorized access and use, we use security measures that comply with applicable federal and state laws.  These measures may include device safeguards and secured files and buildings as well as oversight of our third party service providers to ensure information remains confidential and secure.  Please visit bankofamerica.com/security for additional information.

Using other aggregation websites

Other companies offer aggregation websites and services that allow you to consolidate your financial account information from different sources (such as your accounts with us or with other financial institutions) so that you can view all your account information at one online location. To do this, an aggregation provider may request access to Personal Information, such as financial information, usernames and passwords. You should use caution and ensure that the aggregator company has appropriate policies and practices to protect the privacy and security of any information you provide or to which they are gaining access. We are not responsible for the use or disclosure of any Personal Information accessed by any company or person to whom you provide your Site username and password.

If you provide your Site username, password or other information about your accounts with us to an aggregation website, we will consider that you have authorized all transactions or actions initiated by an aggregation website using access information you provide, whether or not you were aware of a specific transaction or action.  If you decide to revoke the authority you have given to an aggregation website, we strongly recommend that you change your password for the Site to ensure that the aggregation website cannot continue to access your account.

Making sure information is accurate

Keeping your account information accurate and up to date is very important. If your account information is incomplete, inaccurate or not current, please use the Contact Us option on our Site, or call or write to us at the telephone numbers or appropriate address for changes listed on your account statements, records, online or other account materials. You can also speak to a customer representative at a banking center, your Financial Advisor or account representative.

Protecting children’s privacy online

The Site is not directed to individuals under the age of thirteen (13), and we request that these individuals do not provide Personal Information through the Site. We do not knowingly collect information from children under 13 without parental consent.  Visit the Federal Trade Commission website for more information about the Children's Online Privacy Protection Act (COPPA). 

Protecting individual health information

To the extent that we receive, maintain, or process an individual's protected health information, Bank of America may disclose that information as authorized by and in accordance with applicable federal and/or state law.

Updates to this Privacy Notice

This U.S. Online Privacy Notice is subject to change. Please review it periodically. If we make changes to the U.S. Online Privacy Notice, we will revise the “Last Updated” date at the top of this Notice. Any changes to this Notice will become effective when we post the revised Notice on the Site. Your use of the Site following these changes means that you accept the revised Notice.

U.S. Consumer Privacy Notice FULL PAGE VERSION

U.S. Consumer Privacy Notice

FACTS

WHAT DOES BANK OF AMERICA DO WITH YOUR PERSONAL INFORMATION?

Why?

Financial companies choose how they share your personal information. Under federal law, that means personally identifiable information. Federal law gives consumers the right to limit some but not all sharing. Federal law also requires us to tell you how we collect, share, and protect your personal information. Please read this notice carefully to understand what we do.

What?

The types of personal information we collect and share depend on the product or service you have with us.

This information can include:

  • Social Security number and employment information
  • account balances, transaction history and credit information
  • assets and investment experience
How?

All financial companies need to share customers’ personal information to run their everyday business. In the section below, we list the reasons financial companies can share their customers’ personal information; the reasons Bank of America chooses to share; and whether you can limit this sharing.

Reasons we can share your personal informationDoes Bank of America share?Can you limit this sharing?
For our everyday business purposes — such as to process your transactions, maintain your account(s), respond to court orders and legal investigations, or report to credit bureaus Yes No
For our marketing purposes — with service providers we use to offer our products and services to you (please see below to limit the ways we contact you) Yes No
For joint marketing with other financial companies Yes No
For our affiliates’ everyday business purposes — Information about your transactions and experiences Yes No
For our affiliates’ everyday business purposes — Information about your creditworthiness Yes Yes
For nonaffiliates to market to you — for all credit card accounts Yes Yes
For nonaffiliates to market to you — for accounts and services endorsed by another organization (e.g., debit card co-branded with a baseball team) “Sponsored Accounts” Yes Yes
For nonaffiliates to market to you — for accounts other than credit card accounts and Sponsored Accounts, such as insurance, investments, deposit and lending No We don't share

To limit our sharing

  • Visit us online: bankofamerica.com/privacy
  • Call 888.341.5000 — our menu will prompt you through your choices
  • Talk to your assigned financial advisor

Please note:
If you are a new customer, we can begin sharing your information 45 days from the date we sent this notice. When you are no longer our customer, we continue to share your information as described in this notice. However, you can contact us at any time to limit our sharing.

To limit direct marketing contact

  • Visit us online: bankofamerica.com/privacy
  • Call 888.341.5000 — our menu will prompt you through your choices
  • Talk to your assigned financial advisor

Please note:
Direct marketing is email, postal mail and telephone marketing. Your telephone and postal mail opt-out choices will last for five years, subject to applicable law. Even if you limit direct marketing, we may still contact you to service your account or as otherwise allowed by law.

Questions?

Call 888.341.5000 or go to bankofamerica.com/privacy

Who we are

Who is providing this notice?

Bank of America U.S. legal entities that utilize the names: Bank of America, Banc of America, U.S. Trust or Merrill Lynch, as well as the entities listed in the Bank of America U.S. legal entities section.

What we do

How does Bank of America protect my personal information?

To protect your personal information from unauthorized access and use, we use security measures that comply with federal law. These measures include computer safeguards and secured files and buildings. For more information visit bankofamerica.com/security or ml.com/security.

How does Bank of America collect my personal information?

We collect your personal information, for example, when you:

  • open an account or perform transactions
  • apply for a loan or use your credit or debit card
  • seek advice about your investments

We also collect your personal information from others, such as credit bureaus, affiliates, or other companies.

Why can’t I limit all sharing?

Federal law gives you the right to limit some but not all sharing related to:

  • affiliates’ everyday business purposes—information about your creditworthiness
  • affiliates from using your information to market to you
  • nonaffiliates to market to you

State laws and individual Bank of America companies may give you more rights to limit sharing. See Other important information section for your rights under state law.

What happens when I limit sharing for an account I hold jointly with someone else?

Your choices will apply to you alone unless you tell us otherwise. However, your choice to limit sharing with nonaffiliates to market to you for credit card accounts or Sponsored Accounts will apply to all joint account holders. If you have more than one credit card account or Sponsored Account and you choose to opt out, you will need to do so for each account.

Definitions

Affiliates

Companies related by common ownership or control. They can be Financial and nonfinancial companies.

  • Our affiliates include companies that utilize the names Bank of America, Banc of America, U.S. Trust or Merrill Lynch, as well as financial companies such as General Fidelity Life Insurance Company.
Nonaffiliates

Companies not related by common ownership or control. They can be financial and nonfinancial companies.

  • Nonaffiliates we share with can include financial services companies such as insurance agencies or mortgage brokers, nonfinancial companies such as retailers, travel companies and membership groups, other companies such as nonprofit groups.
Joint marketing

A formal agreement between nonaffiliated financial companies that together market financial products or services to you.

  • Our joint marketing partners include financial service companies.

Other important information

Do Not Call Policy. This notice is the Bank of America Do Not Call Policy under the Telephone Consumer Protection Act. We do not solicit via telephone numbers listed on the state or federal Do Not Call lists, unless the law allows. Bank of America employees receive training on how to document and process telephone marketing choices. Consumers who ask not to receive telephone solicitations from Bank of America will be placed on the Bank of America Do Not Call list and will not be called in any future campaigns, including those of Bank of America affiliates.
Call Monitoring and Recording. If you communicate with us by telephone, we may monitor or record the call.

For Nevada residents only. We are providing you this notice under state law. You may be placed on our internal Do Not Call List by following the directions in the To limit direct marketing contact section. Nevada law requires we provide the following contact information: Bureau of Consumer Protection, Office of the Nevada Attorney General, 555 E. Washington St., Suite 3900, Las Vegas, NV 89101; Phone number: 702.486.3132; email: aginfo@ag.nv.gov. Bank of America, P.O. Box 25118 Tampa, FL 33622-5118; Phone number: 888.341.5000; Click on “Contact Us” at bankofamerica.com/privacy.

Vermont: Under Vermont law, we will not share information we collect about Vermont residents with companies outside of our corporate family, unless the law allows. For example, we may share information with your consent, to service your accounts or under joint marketing agreements with other financial institutions with which we have joint marketing agreements. We will not share information about your creditworthiness within our corporate family except with your consent, but we may share information about our transactions or experiences with you within our corporate family without your consent.

California: Under California law, we will not share information we collect about you with companies outside of Bank of America, unless the law allows. For example, we may share information with your consent, to service your accounts, or to provide rewards or benefits you are entitled to. We will limit sharing among our companies to the extent required by California law.

For Insurance Customers in AZ, CA, CT, GA, IL, ME, MA, MN, MT, NV, NJ, NC, OH, OR and VA only. The term “Information” in this part means customer information obtained in an insurance transaction. We may give your Information to state insurance officials, law enforcement, group policy holders about claims experience or auditors as the law allows or requires. We may give your Information to insurance support companies that may keep it or give it to others. We may share medical Information so we can learn if you qualify for coverage, process claims or prevent fraud or if you say we can. To see your Information, write Insurance Services, TX2-980-01-43, 4200 Amon Carter Blvd., Fort Worth, TX 76155, Attn: Data Request. You must state your full name, address, the insurance company, policy number (if relevant) and the Information you want. We will tell you what Information we have. You may see and copy the Information (unless privileged) at our office or ask that we mail you a copy for a fee. If you think any Information is wrong, you must write us. We will let you know what actions we take. If you do not agree with our actions, you may send us a statement.

For MA Insurance Customers only. You may ask in writing, for the specific reasons for an adverse underwriting decision. An adverse underwriting decision is where we decline your application for insurance, offer to insure you at a higher than standard rate or terminate your coverage.

Bank of America U.S. legal entities

Bank of America U.S. legal entities that utilize the names: Bank of America, Banc of America, U.S. Trust or Merrill Lynch, as well as the following entities: BACAP Alternative Advisors, Inc., General Fidelity Life Insurance Company, Managed Account Advisors LLC, NationsCredit Financial Services Corporation.

Rev. 01/2018

Secure transactions while you travel

Verify Your Visa Card is With You

When you make a purchase, we use your phone’s location services capability to compare where the purchase is made to where your phone is located. The feature works with both cellular and Wi-Fi, meaning that if you’re overseas and prefer to avoid using cell service, Verify Your Visa Card is With You will still work when you’re on Wi-Fi.

Here's how to enroll in Verify Your Visa Card is With You:

  1. Sign in to the Bank of America mobile app.
  2. Select Menu from the Accounts screen. (You may need to scroll to the right to locate the Menu button.) 
  3. Select Profile and settings.
  4. Turn on Verify your Visa Card is With You.
  5. Make sure your location services is set to always for the Bank of America mobile. This option can usually be located in your phone’s settings.
Bank of America is an industry leader in overall safety in banking.

Browser check


Browser in use:
 

Congratulations! Your internet browser meets our security requirementsPlease update your Internet browser to ensure your information is secure

Update your privacy choices

You can review and revise your marketing and information-sharing choices online.
(You may also visit a
financial center
or
call 888.341.5000)

Update your privacy choices

Previously opted out of email from us? Visit this page to opt back in

Security tools