This is Bank of America's privacy notice explaining what personal information they collect about you and who they share it with. They collect sensitive financial data like your Social Security number, account history, and credit information, and they share some of it with affiliated companies and outside businesses for marketing purposes — though you can opt out of some of this sharing. California residents have additional rights including the ability to request deletion of their data.
Technical Summary
Bank of America's U.S. Consumer Privacy Notice (last updated January 2026) governs the collection, use, and sharing of personal information for retail banking customers in compliance with the Gramm-Leach-Bliley Act (GLBA). The notice discloses that Bank of America shares consumer data across multiple categories including affiliates for marketing purposes, nonaffiliates for joint marketing, and third parties for everyday business operations. Consumers retain limited opt-out rights for certain sharing activities — specifically affiliate marketing and nonaffiliate sharing for marketing purposes — but have no right to limit sharing for core operational purposes such as servicing accounts, fraud prevention, and legal compliance. The document also references California Consumer Privacy Act (CCPA) rights for California residents, including the right to know, delete, and opt out of the sale of personal information. Collected data includes Social Security numbers, employment information, account balances, transaction history, credit information, assets, and investment experience.
Institutional Analysis
This notice is structured to satisfy Gramm-Leach-Bliley Act (GLBA) annual privacy notice requirements and Regulation P disclosure obligations, covering all sharing categories mandated by the model pr…
This notice is structured to satisfy Gramm-Leach-Bliley Act (GLBA) annual privacy notice requirements and Regulation P disclosure obligations, covering all sharing categories mandated by the model privacy form. Compliance teams should note the dual-track opt-out framework — GLBA opt-outs for affili…
🔒
Compliance intelligence locked
Regulatory exposure, material risk, and due diligence action items.
Bank of America shares your personal information with certain third parties — such as for fraud prevention, servicing your account, and legal compliance — and you cannot opt out of this type of sharing.
Bank of America collects highly sensitive personal information including your Social Security number, employment information, account balances, transaction history, credit information, assets, and investment experience.
Bank of America shares your personal financial information with its affiliated companies so they can market their products and services to you. You have the right to opt out of this type of sharing.
Bank of America shares your personal information with outside companies under joint marketing agreements, such as other financial companies they partner with to offer products. You may be able to limit this sharing.
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what data is collected, request deletion of your data, and opt out of the sale of your personal information.
Bank of America shares your personal information with government agencies, law enforcement, and fraud prevention organizations as required by law or to protect against fraud — and you cannot opt out of this sharing.