Effective Date: January 1, 2020
Who We Are
Information We Collect
Information you provide
You may choose to provide Finicity with information including, but not limited to:
- Phone Number
- Email Address
- Personal Identification Numbers (PINS)
- Date of Birth
- Social Security Number
To maximize the value of the Services, we may request you to provide additional information. Whenever we ask for additional or optional information, we identify those fields appropriately so you may know what information is required to provide the requested Service. If you choose to withhold any Personal Data requested by us, it may not be possible for you to gain access to certain parts of the Services you wish to use, or for us to respond to you appropriately.
Information we receive when you test our Services
You may provide us with Login Information to access your bank or other financial accounts when you test or use our Services. If you test or use our Services, we may collect information from your financial institution, including but not limited to:
- Bank Statements
- Bank transactions
- W-2s and other tax related documentation
Information we collect automatically
- Log Information. We collect information about your computer or web browser in order to analyze trends and administer our websites. This information is collected in a generic aggregate format and is not linked to personally identifiable information.
- Cookies. In order to better serve you and protect your account information, we use “Cookies,” nuggets of data that are stored on your hard drive as a file. Cookies data are usually stored on your computer’s hard drive as a file in a web browser folder called “Cookies,” and you can delete this file anytime you choose. The cookies used on our Services are valid only for the current session and become invalid shortly thereafter. Cookies created by our Services will only work with our Services
How we use your information
- To verify your identity, which is required to give you access to our Services;
- To verify your accounts and establish the requested service with the service provider(s) of your choice, including financial institutions, brokerage houses, and credit card companies;
- To perform services on your behalf or for a service provider;
- If you subscribe to a Service requiring payment, to process the initial payment and all subsequent payments;
- To help us improve and personalize the content and functionality of our Services;
- To help us understand your usage of the Services to improve the Services;
- To communicate with you regarding customer service matters, questions and other various comments you may send to us;
- To inform you about products, services, offers, and events we offer or sponsor, and to provide news and other information we believe may interest you;
- To communicate various technical and administrative messages regarding the Services, including notices of technology updates;
- To offer you the option to participate in contests or surveys regarding the Services;
- Auditing related to a current interaction with the consumer and concurrent transactions;
- Debugging to identify and repair errors that impair existing intended functionality;
- Undertaking internal research for technological development and demonstration;
- To maintain legal and regulatory compliance;
- To enforce compliance with our Terms and Conditions and Policies; and
- For any other purpose disclosed to you at the time we collect or receive the information, or otherwise with your consent.
Promotions. When we send you promotional information, we give you the opportunity to opt-out of receiving further information. Simply use the unsubscribe feature provided within each email or contact Finicity (firstname.lastname@example.org). If you opt-out from receiving promotional materials, you may continue to receive important service announcements, which contain information about the Services to which you subscribe.
How we share your information
- With your consent and at your discretion;
- With Finicity-approved partners with whom you have enrolled for services after coming to Finicity;
- With third party service providers whom Finicity employs to provide marketing, security, development or other business processes or to provide services on our behalf;
- When we reasonably believe such disclosure is required to comply with the law, an investigation or other legal process, such as a court order or a subpoena;
- In connection with a sale, merger, transfer, exchange or other disposition of all or a portion of a business operated by Finicity.
How we handle / secure Your Information
Because Finicity is trusted with your personal financial information, Finicity has implemented the following administrative, technical, and physical security controls that are designed to safeguard your personal information. However, no online activity is ever fully secure or error-free. While we strive to protect your information, we cannot guarantee that your personal information is absolutely secure. Please keep this in mind when disclosing any information to Finicity.
- Finicity encrypts all data at rest using rotating AES 256bit keys, created and stored without human involvement.
- Finicity transmits all data using TLS1.2 with strong cipher suites and only uses legitimate SSL certificates.
- Our services and systems are audited for our handling of security and confidentiality by a 3rd party independent audit firm twice annually; once for SOC2, Type 2.
- Finicity will encrypt or redact social security numbers, driver’s license numbers, account numbers, credit or debit card numbers—in combination with any required security code, access code, or password that would permit access to an individual’s financial account
Please recognize that protecting your Personal Information is also your responsibility. We urge you to take every precaution to protect your information when you are on the Internet, or when you communicate with us and with other parties through the Internet. Change your passwords often, use a combination of letters and numbers, and make sure you use a secure browser. If you have reason to believe that your interaction with us or our approved partners is no longer secure, please let us know immediately by contacting us as indicated in the Contact Us section below.
By using our Services, you agree that we may communicate with you electronically regarding security, privacy, and administrative issues relating to your use of our Services. If we learn of a security breach involving your Personal Information, we may attempt to notify you electronically by sending an email to you. To withdraw your consent to receive electronic notice of a data breach, please email us at email@example.com.
Our Legal Basis for Handling Your Information
Some jurisdictions require us to disclose the legal basis on which we rely to use or disclose your information. To the extent those laws apply, our legal basis are as follows:
- Consent: Where required by law, and in some other instances, we handle your information on the basis of your consent, whether express or implied.
- Our contractual obligations to you: Our handling of your information is to meet our contractual obligations to you, or to take steps at your request in anticipation of entering into a contract with you. Our contractual obligations to you may include the creation of your account and the provision of the Services to you.
- Legitimate Business Interest: We handle your information in order to provide you with Services and accomplish our legitimate business purposes.
International Transfer of Data
Finicity stores and processes your Personal Information on servers located in the United States of America for the purposes described in this Privacy Statement. If you are a resident of a country outside of the United States, you agree as a part of this Privacy Statement to the global transfer, process, and storage of your personal information.
Do Not Track Policy
Some browsers have a “do not track” feature that lets you tell websites that you do not want to have your online activities tracked. We currently do not respond to browser “do not track” signals.
Correcting/Updating Personal Information
We provide you with the opportunity to update, correct or erase your account, financial and credit card information on our website. You may review and update your contact information (name, address, and email address) by contacting Finicity Support via email (firstname.lastname@example.org), phone (801) 984-4200, or the chat function within the Services.
In some jurisdictions, and subject to certain legal limitations and exceptions, you may have additional privacy-related rights, including:
- Right to Access the personal information we have in our custody and control (subject to certain legal limitations);
- Right to Deletion of the personal information we have in our custody and control (subject to certain legal limitations);
- Right to Opt-Out of the Sale of Your Personal Information (if any such information is being sold);
- Right to have personal information corrected if you believe there are any errors in your personal information;
- Right to object to the use of your personal information for certain purposes.
- Right not to be discriminated against for exercising any of the rights listed above.
To exercise the rights listed above under applicable law(s) or to obtain more information, please contact us at the contact details listed below. We may require additional information to verify your identity, which will be used solely for that purpose.
State-Specific Privacy Rights:
The following states have implemented specific privacy-related rights for their residents. If you are a resident of one of these states, please click on your state below for more information:
You must be at least 18 years old to use our Services. We do not knowingly direct our Services to children or collect, use, or disclose information about minor visitors. If you use our Services, you represent that you are at least the age of majority under the laws of the jurisdiction of your place of residence. If you believe your child has provided us with personal information, please alert us at email@example.com. If we learn that we have collected personal information from a minor, we will promptly take steps to delete such information.
434 West Ascension Way, Suite 200
Salt Lake City, UT 84123