FIA Consumer Privacy Notice
Rev. 01/2014


FACTS

WHAT DOES FIA CARD SERVICES DO WITH YOUR PERSONAL INFORMATION?

Why? Financial companies choose how they share your personal information, which, under Federal law, means personally identifiable information. Federal law gives consumers the right to limit some but not all sharing. Federal law also requires us to tell you how we collect, share, and protect your personal information. Please read this notice carefully to understand what we do.
What? The types of personal information we collect and share depend on the product or service you have with us.
This information can include:
  • Social Security number and income
  • account balances and transaction history
  • credit history and credit scores
How? All financial companies need to share customers' personal information to run their everyday business. In the section below, we list the reasons financial companies can share their customers' personal information, the reasons FIA Card Services chooses to share and whether you can limit sharing.


Reasons we can share your personal information Does FIA Card Services share? Can you limit this sharing?
For our everyday business purposes — such as to process your transactions, maintain your account(s), respond to court orders and legal investigations, or report to credit bureaus Yes No
For our marketing purposes — with service providers we use to offer our products and services to you Yes No
For joint marketing with other financial companies Yes No
For our affiliates' everyday business purposes — Information about your transactions and experiences Yes No
For our affiliates' everyday business purposes — Information about your creditworthiness Yes Yes
For nonaffiliates to market to you Yes Yes


To limit our sharing Call 1.866.325.8310
Please note:
If you are a new customer, we can begin sharing your information 45 days from the date we sent this notice. When you are no longer our customer, we continue to share your information as described in this notice. However, you can contact us at any time to limit our sharing.
Questions? Refer to the customer service number printed on the back of your card or on your account statement.


Who we are
Who is providing this notice? Bank of America, N.A. also known as FIA Card Services.


What we do
How does FIA Card Services protect my personal information? To protect your personal information from unauthorized access and use, we use security measures that comply with federal law. These measures include computer safeguards and secured files and buildings.
How does FIA Card Services collect my personal information? We collect your personal information, for example, when you:
  • open an account
  • pay your bills
  • give us income or employment information
  • use your credit card
We also collect your personal information from others, such as credit bureaus, affiliates or other companies.
Why can't I limit all sharing? Federal law gives you the right to limit some but not all sharing related to:
  • sharing for affiliates' everyday business purposes—information about your creditworthiness
  • affiliates from using your information to market to you
  • sharing for nonaffiliates to market to you
State laws and individual companies may give you additional rights to limit sharing.
(See below for more information on your rights under state law.)
What happens when I limit sharing for an account I hold jointly with someone else? Your choices will apply individually unless you tell us otherwise, except for your choice to limit sharing with nonaffiliates to market to you where your choice will apply to all joint account holders. If you have more than one account and you choose to opt out, you will need to do so for each account.


Definitions
Affiliates Companies related by common ownership or control. They can be financial and nonfinancial companies.
  • IFIA Insurance Services, Inc.
Nonaffiliates Companies not related by common ownership or control. They can be financial and nonfinancial companies.
  • Nonaffiliates we share with can include financial services companies, such as insurance agencies, nonfinancial companies such as retailers and travel companies, other companies such as nonprofit organizations, government agencies, and to other nonaffiliated third parties as requested by you or your authorized representative, or when required or permitted by law.
Joint Marketing A formal agreement between nonaffiliated financial companies that together market financial products or services to you.
  • Our joint marketing partners include financial services companies.


Other important information
Vermont: In accordance with Vermont law, FIA Card Services will not share information we collect about Vermont residents with companies outside of FIA Card Services, except as permitted by law, such as with the consent of the customer, to service the customer's accounts or to other financial institutions with which we have joint marketing agreements. FIA Card Services will not share Application Information, Consumer Report Information and Information from Outside Sources about Vermont residents among the FIA Card Services companies except with the authorization or consent of the Vermont resident.
California: In accordance with California law, FIA Card Services will not share information we collect about California residents with companies outside of FIA Card Services, except as permitted by law, such as with the consent of the customer, to service the customer's accounts, or to fulfill on rewards or benefits. We will limit sharing among our companies to the extent required by applicable California law
For Insurance Customers in AZ, CA, CT, GA, IL, ME, MA, MN, MT, NV, NJ, NC, OH, OR and VA only. "Information" in this part means customer information obtained in an insurance transaction. We may give your Information to state insurance officials, law enforcement, group policy holders about claims experience or auditors as the law allows or requires. We may give your Information to insurance support companies that may keep it or give it to others. We may share medical Information so we can learn if you qualify for coverage, process claims or prevent fraud, or if you say we can. To see your Information, write Insurance Services, TX2-977-01-39, 5401 North Beach Street, Fort Worth, TX 76137, Attn: Data Request. You must state your full name, address, the insurance company, policy number (if relevant) and the Information you want. We will tell you what Information we have. You may see and copy the Information (unless privileged) at our office or ask that we mail you a copy for a fee. If you think any Information is wrong, you must write us. We will let you know what actions we take. If you do not agree with our actions, you may send us a statement.
For MA Insurance Customers only. You may ask in writing for the specific reasons for an adverse underwriting decision. An adverse underwriting decision is where we decline your application for insurance; offer to insure you at a higher than standard rate; or terminate your coverage.


Online Privacy Notice — effective January 4, 2013


The Online Privacy Notice explains how we may collect information from you online when you visit the FIA Card Services (NetAccess), Web site.

Consumer Privacy Notice

In addition to the protections you enjoy through our Online Privacy Notice, your online activities may also be covered by our Consumer Privacy Notice. The Consumer Privacy Notice explains our collection, use, sharing and security of consumer information and applies to FIA Card Services products and services offered within the United States for consumer purposes.

Cookies
Cookies are pieces of information stored directly on the computer you are using. FIA Card Services may place cookies or similar files such as Flash objects on your hard drive for security purposes and to facilitate site navigation. Cookies allow us to collect technical and navigational information, such as browser type, time spent on our site and pages visited. Cookies provide us the capability to monitor the use of our site so we can continually improve the design and functionality to better serve you. Cookies and similar files we use do not contain or capture unencrypted personal information. If you choose not to accept cookies from our site, then you may not be able to access and use all or part of the site or benefit from the information and services offered. For example, we will not be able to recognize your computer and you will need to answer a challenge question each time you use our online service.

Flash objects
FIA Card Services uses Flash objects (sometimes referred to as "Local Shared Objects") in two ways. First, as part of our solution for online authentication, we use Flash objects to help us recognize you and your computer when you come back to our site. Second, for our pages running Adobe Flash content (demos and tutorials with moving content), we use Flash objects to determine your browser type and version of Adobe® Flash® in order for you to view the content. As with cookies, we never store personal information in these Flash object files unless encrypted. You can learn more about Flash objects — including how to control and disable them — through the Adobe interface. If you choose to delete Flash objects from our Web site, then you may not be able to access and use all or part of the Web site or benefit from the information and services offered.

Collecting information
When you visit our Web site, we may collect information from you to conduct our business and deliver the top-quality service you expect. We may collect technical information regarding your computer and operating systems; such as your Internet Protocol (IP) address, domain name, system configuration and settings.

Sharing information
FIA Card Services may make information available to third parties that are financial and nonfinancial companies not related by common ownership or control. Financial services companies such as insurance agencies; nonfinancial companies such as retailers and travel companies; other companies such as nonprofit organizations, government agencies; and to other nonaffiliated third parties as requested by you or your authorized representative, or when required or permitted by law. Unless otherwise described in this notice, we will use and share any information that we collect from or about you that is covered by this notice in accordance with the FIA Consumer Privacy Notice.

Promotions and offers
FIA Card Services sometimes displays reminders of promotions or offers that you are currently eligible for. If you click on one of these reminders, you link to the FIA Card Services page for additional information to take advantage of the promotion or offer.

Additional information

Making sure information is accurate
Keeping your account information accurate and up to date is very important. If your account information is incomplete, inaccurate or not current, please use the Contact Us option on our Web site, or call or write to us at the telephone number or appropriate address for such changes listed on your account statement, bank records or other account materials.

Aggregation sites
Aggregation sites are Internet sites that allow you to consolidate account information from several sources to be viewed on one site. To do this, an aggregation provider may request access to your personal information, including financial information, your username and passwords. You should use caution and ensure that the aggregator company has appropriate policies and practices to protect the privacy and security of any information you provide or to which they are gaining access.

  • Using aggregation sites. If you provide username, password, or other information about your FIA Card Services accounts to an aggregation site, we will consider that you have authorized all transactions initiated by an aggregation site using access information you provide, whether or not you were aware of a specific transaction.

If you decide to revoke the authority you have given an aggregation site, we strongly recommend that you change your FIA Card Services password to ensure that the aggregation site cannot continue to access your account. We are not responsible for the use or disclosure of any personal information accessed by any company or person to whom you provide your FIA Card Services Web site username and password.

Safeguarding Social Security numbers
FIA Card Services Social Security Number Policy (1) protects the confidentiality of Social Security numbers, (2) prohibits unlawful disclosure of Social Security numbers, and (3) limits access to Social Security numbers.

E-mail fraud
One of the most common types of email fraud is the practice of sending a phony email message, which is sometimes referred to as "phishing." Such phony emails are disguised as legitimate, and often include company logos that look real.

Emails such as these are most likely from criminals who send thousands of emails at a time to random addresses. These criminals are trying to entice the recipient to visit a phony website and provide personal and confidential information, such as online IDs and password, or Social Security numbers and account numbers. Although the site may look like a bank's, it is not — which is why this practice is known as "spoofing."

Looking out for children
We do not knowingly collect information from children under 13 without parental consent. If you are under 13, please do not enter your personal information. For more information about the Children's Online Privacy Protection Act (COPPA), visit the Federal Trade Commission website.

Changes to the Online Privacy Notice This Online Privacy Notice is subject to change. Please review it periodically. If we make changes to the Online Privacy Notice, we will revise the effective date at the top of this notice. Any changes to this notice will become effective when we post the revised notice on this Web site. Your use of the Web site following these changes means that you accept the revised notice.