Privacy Policy: Notice of Privacy Practices for Consumers

May 17, 2016 | By More
Share on Facebook0Share on Google+0Tweet about this on TwitterShare on LinkedIn1Share on Reddit0Email this to someone

Privacy Policy Notice of Privacy PracticesWhat did you do with the last privacy notice you received from a financial institution or creditor?  I’m going to hazard a guess you glanced at it then proceeded to dump it in the trash bin or file it away.  I understand these privacy notices have a lot of small print and are as dry as unbuttered toast for reading content.  But when it comes to your personal financial information being shared by your bank, insurance company, financial services provider, and others, you need to know what these institutions are sharing.

Before we highlight some points regarding privacy policy and notice of privacy practices, let’s look at the basic purpose of a privacy notice, which is provided by the Federal Trade Commission (1):

A privacy notice explains a company’s information-sharing practices regarding your personal financial data.  A consumer may, in some cases, limit the amount of information to be shared by the institution.

Money smart consumers know the value of keeping their personal financial information safe.  Therefore, we need to be well aware of how companies who have access to this extremely sensitive data are managing it.  We have provided some excellent resources for you to review the topic of privacy policy and privacy notices in greater detail in our Tips to Read, Homework, and Optional Homework.  Honestly, the issue of privacy notices and privacy policy is a complex subject.  However, if you can simply be familiar with the basics, you’ll be fine.

In the interim, let’s look at some highlights about privacy notices.  For convenience, we are presenting some facts in a Q&A format.

Q:  What types of companies must provide their customers with a privacy policy?

A:   Companies that provide financial data to affiliates and non-affiliates.  These can include your bank, insurance company, retail department store (credit card issued) and financial services provider.  Other types are listed at the Federal Trade Commission website.

Q:  Why do the above companies share your personal financial information with other affiliates and non-affiliated companies?

A:   The personal financial data on you is used to create targeted service and/or product offerings.

Q:  Does a consumer have the option to stop the institution from sharing this personal financial data?

A:   Yes and no.  The Federal Trade Commission highlights the actions consumers can take to “opt out” of this information sharing by an institution.  An example is data sharing obtained from your credit report.  A consumer can “opt out” of the company sharing personal financial data with an affiliated entity.

However, keep in mind that in some cases, you’ll have no say-so on what data can be shared.  The FTC provides an example:  “…information about you to firms that help promote and market the company’s own products or products offered under a joint agreement between two financial institutions.”

Q:  How often is a privacy notice provided to the consumer?

A:   There are some general times a consumer will receive a privacy notice from an institution.  When you open an account with a bank, for example, you will receive its privacy notice.  Moving forward, you will receive a privacy notice annually, which is required by law.  Another circumstance of privacy notice receipt is if a change has occurred to the company’s privacy policy.

Again, keep in mind that depending on the circumstance and institution, you may receive a privacy notice in a variety of ways.  Often, consumers will receive a privacy notice in the mail.  Some situations will permit the institution to send you privacy notices electronically through email.  Others, if meeting certain requirements, may be permitted to, “post their annual privacy notices online rather than delivering them individually.” (2)

Q:  What law does the privacy notice fall under?

A:   The issue of privacy disclosures is referenced in the Gramm-Leach-Bliley Act (GLBA).  “Under the current GLBA Privacy Rule, financial institutions must mail an annual privacy notice to their customers that sets forth how they collect, use and disclose those customers’ nonpublic personal information and whether customers may limit such sharing.” (3)

If you are a consumer who wants to dig into the details about GLBA, you can read the specifications of the GLBA provided in the FDIC Compliance Examination Manual — December 2015.  For your reading purposes, the first pages up to “Examination Procedures” will be all you need.  However, it is interesting to see what the FDIC requires of banks regarding privacy policy and notices.

Today’s Post is essentially a reminder of why you should not just toss or file a privacy notice away before reading it.  I understand that for many consumers, the thought of reading through this “boring” material is tough.  But, let’s be clear.  There are numerous institutions that have your personal financial data in hand.  They are using it.  Don’t you think it’s a good idea to be aware of what they are doing with your data?

Please share today’s Post with friends and family.  It’s empowering to know the details about your personal finances, isn’t it?

Tips to Read:

Privacy Choices for Your Personal Financial Information, Federal Trade Commission

CFPB Finalizes Rule to Promote More Effective Privacy Disclosures,  Consumer Financial Protection Bureau, Press Release, October 20, 2014

President Signs Law Providing Exception to Annual Privacy Notice Requirement under the Gramm-Leach-Bliley Act, posted on Hunton & Williams website, its Privacy & Information Security blog,  December 7, 2015


VIDEO: Learn some insightful intel on how companies share your personal data from the Federal Trade Commission on Sharing Information: A Day in Your LifeThis is a must-see video!

Optional Homework:

Consumer Financial Protection Bureau’s Amendment to the Annual Privacy Notice Requirement Under the Gramm-Leach-Bliley Act (Regulation P).  This is a 94 page document.  Of note, are the first 3 pages of the document that discuss the purpose and delivery of Privacy Notices to consumers.


(1)  Federal Trade Commission website on Privacy Choices for Your Personal Financial Information

(2)  Consumer Financial Protection Bureau website on final rule on privacy disclosures

(3)  Hunton & Williams Privacy & Information Security blog

Tags: , , , , , ,

Category: Banking, Community Banking, Credit Unions, FDIC, Money Tips on the Web, New to Banking

Comments are closed.