Privacy Policy, Online Privacy Statement, and California Privacy Statement

Rev 12/2022

Online Privacy Statement

This Online Privacy Statement ("Privacy Statement") describes Credit One Bank's online and mobile privacy practices and applies to websites, mobile applications that run on smartphones, tablets, and other devices ("apps"), and additional services (collectively, the “Services”) that we offer which link to this Privacy Statement.

Information you provided Credit One Bank when you applied for or obtained a product or service from us is also governed by a separate "Privacy Policy” notice at the top of this document. If you are such an applicant or customer, please refer to that notice for additional information about our privacy practices.

By using the Services, you agree that your personal information will be collected, used, and shared in accordance with the terms and conditions of this Privacy Statement.  Your use of the Services is subject to this Privacy Statement and our Terms of Use, which are incorporated by reference into this Privacy Statement.

---

Information We Collect – and How We Collect It

Our Services are not intended to be used by children. We do not intentionally collect personal information from children under 13 without permission from their parent or legal guardians. If you become aware that a child has provided us with personal information without parental consent, please call us at 877-825-3242. For more information about the Children's Online Privacy Protection Act (COPPA), please refer to the FTC's website at https://www.ftc.gov/business-guidance/privacy-security/childrens-privacy.

When you use our Services, we may collect Personal Information that you submit to us voluntarily, or Online Activity Data that we collect.

Personal Information is information such as your name, mailing address, email address, telephone number, Social Security number, or other information that identifies you. This information may be collected when you voluntarily provide it to us through forms on our website or in our apps. These forms could include survey forms, credit card applications, contest entries, and sign in pages for online banking or mobile application access.

Online Activity Data includes information such as your IP address, browser type, and display/screen settings; how you interact with our website and apps; mobile device and advertising IDs; social media preferences and other social media data. This data may be collected using cookies and other online tracking devices such as web beacons, depending on your browser settings. Cookies are small pieces of data sent from a website and stored on your computer by your web browser that can allow other websites that you visit to track your browsing activities. A web beacon is a small string of HTML code that represents a graphic image on a website or email. Credit One Bank may also associate with third parties to deliver advertisements and monitor activities on our own website and other websites. These business partners may use their own cookies, web beacons, and/or other monitoring technologies to compile statistics about website visitors. Additionally, Credit One Bank may collect Online Activity Data when you use our apps or your mobile device browser to access our website, such as geolocation data (if you have enabled location services on your device). Credit One Bank may also collect Online Activity Data or information such as your likes, interests, feedback, and preferences when you interact with our official pages on social media platforms including Facebook, Twitter, LinkedIn, YouTube, and Instagram. Please refer to the policies of those companies to better understand your rights and obligations with regard to your activity on those websites.

 

How We Use Information

We may use Personal Information and Online Activity Data we have collected for a variety of reasons, including:

• to enable you to apply for a credit card issued by Credit One Bank
• to enable you to use online tools or perform certain online transactions
• to service and manage your account, including responding to or updating you on inquiries, or to contact you about your accounts or feedback
• to offer you special products and services and deliver advertisements to you in the form of banner ads, interstitial pages (ads that appear as you sign in or sign out of your online accounts), or other promotions
• to analyze whether our ads, promotions, and offers are effective
• to help us determine whether you might be interested in new products or services, and to improve existing products and services or develop new products and services
• to verify your identity and/or location to allow access to your accounts, and conduct online transactions
• to manage fraud and data security risk
• to personalize and optimize your website browsing and app experiences by examining which parts of our website you visit or which aspect of our apps you find most useful
• to comply with federal, state or local laws; civil, criminal or regulatory investigations; or other legal requirements
• to enforce our terms and conditions, protect our operations or those of any of our affiliates, protect our rights, privacy, safety or property and/or that of our affiliates, you or others, or to allow us to pursue available remedies or limit the damages we may sustain
• to share with trusted third parties who are contractually obligated to keep such information confidential and to use such information only to provide the specific services we have asked them to perform.

 

How We Share Information

We may share your information with our affiliates, business partners, and third parties, including:

• Affiliates.   Our related businesses allow us to improve and streamline Services across our banking platform.
• Business partners.   We may offer co-branded services, joint promotions, or other products or services.
• Yodlee.  We may utilize Envestnet | Yodlee (“Yodlee”) in connection with the service we provide you.  When you request data from a source connected to our service, Yodlee may be used to collect that data and provide it to us.  For example, if you link your checking or savings account with a third party institution to your account with us for verification purposes, Yodlee would be utilized to access the third party account, gather the specified information, and pass it on to us.  In such an instance, Yodlee acts on our behalf in this process, which means we may share your data with Yodlee as one of our third party service providers.  For more information on how Yodlee collects, uses, stores, and handles your data please see Envestnet | Yodlee’s FastLink Terms of Service at (https://solutions.yodlee.com/fastlink-terms.html).
• Other third-party service providers.  Our service providers enable us to offer, maintain, and optimize the Services.   They are also contractually obligated to keep such information confidential, and may be subject to various state privacy and data security requirements.
• Government agencies and other third parties.  Information may be shared to comply with the legal demands of subpoenas or court orders, to verify customer identities, to address fraud or security issues, to protect the rights or property of customers or third parties, in connection with a corporate transaction, or otherwise as required by law.
• Mergers and Acquisitions:  We reserve the right to disclose and transfer your personal information: (i) to a subsequent owner, co-owner or operator of the Services or applicable database; or (ii) in connection with a corporate merger, acquisition, consolidation, restructuring, bankruptcy, the sale of substantially all of our membership interests and/or assets, or other corporate change, including during the course of any due diligence process.

Managing Your Online and Mobile Preferences

You are not required to provide Personal Information to browse our websites. If you provide us with Personal Information to obtain a product or service from us, our Privacy Policy above governs how we share Personal Information with our affiliates and third parties.

As you access our online services, cookies and similar technologies allow us to customize content and advertisements for our products and services on our websites or apps. In order to make content and advertising as relevant as possible, we may use information about your relationship with us (such as types of accounts and transactional information). Using cookies can give you additional or easier access to certain features on our website (such as allowing you to sign in easier), and can allow us to provide you with more personalized offers. You can set your browser to not accept cookies or to indicate when cookies are sent.

Some mobile devices come with a non-permanent advertising identifier or ID which gives companies the ability to serve targeted ads to a specific mobile device. In many cases, you can turn off mobile device ad tracking or you can reset the advertising identifier at any time within your mobile device privacy settings. You may also choose to turn off location tracking on your mobile device. By turning off ad tracking or location tracking on your mobile device, you may still see the same number of ads as before, but they may be less relevant because they will not be based on your interests. User mobile data will not be shared.

Currently, our website does not respond to browser "do not track" signals.

Advertising on Third-Party Websites

Behavioral advertising is when companies provide you ads that are intended to be tailored to your specific interests based upon your website browsing history and online activity. Certain Credit One Bank business partners may collect Online Activity Data and provide you with behavioral advertising for Credit One Bank products and services on third-party websites. Our business partners are subject to their own privacy policies. To explore options for opting out of behavioral advertising, visit http://optout.aboutads.info/ or click on the AdChoices icon in an ad and follow the instructions. You may also use the Network Advertising Initiative's (NAI) Opt-Out Tool or other tools provided by the publishing platform. Opting out relies on information in the unique cookies placed on your web browser by our business partners, so if you delete cookies, use a different device, or change web browsers, you may need to opt out of behavioral advertising again.

Additionally, we may work with websites like Google and Yahoo to display ads to you based on search terms you use on those websites. Please review the privacy policies of those websites for instructions on how to limit these ads.

Please note that you may still receive general online advertising from Credit One Bank even after you adjust your ad preferences with certain web search engines or opt out of behavioral advertising through AdChoices or the NAI tool. Such advertising, however, will not be based on Online Activity Data or search term information. Our marketing emails include instructions on how to opt out of receiving such emails in the future.

---

Updating Your Information

Keeping your account information up-to-date is important. You may review or update certain account information by signing in to your account online. If you cannot change the incorrect information online, or you prefer to request changes offline, please see the Customer Service section on our website, or call 877-825-3242 or write to us using the contact information listed on your account statements, records, or other account materials.

Links

Our websites or apps may include links to third-party websites. These third parties are not subject to this Privacy Statement or to the Privacy Policy. Please review their privacy notices when visiting these websites.

Biometric Information

Biometric information includes automatic measurements of an individual's biological characteristics, such as a fingerprint, voiceprint, eye retinas, irises, hand or face geometry, or other unique biological patterns or characteristics. If you provide your consent, our Services may collect your biometric information to allow you to log on to your account more quickly, to confirm your identity, or to secure your account. Credit One Bank will never sell, lease, or disclose your biometric information to any third party. If you close all of your Credit One Bank accounts, we will delete any biometric information we may have about you within a reasonable time, but in no event more than one year after you close your account.

Information Security

At Credit One Bank, we are committed to protecting your personal and financial information. If we collect identifying information from you, we will protect that information with security measures based on internationally recognized security standards, regulations, and industry-based best practices.

Changes to this Privacy Statement

Credit One Bank may change its online privacy practices in the future and we may revise this Privacy Statement. If we make material changes to our privacy statement, we will provide you notice of such changes. If you use our Services after we revise the Privacy Statement, you agree to the updated terms and conditions of this Privacy Statement.

This Privacy Statement was last revised December 5, 2022 and is effective as of that date.

---

Glossary

AdChoices: Allows individuals to opt out of browser-enabled interest-based advertising by some or all participating companies, using opt-out cookies to store your preferences in your browser.

Browser: An application used for accessing websites or information on a computer network. Examples include Chrome, Safari, Edge, Internet Explorer, and Firefox.

Business partners: Companies we work with to jointly market and/or deliver products and services to you. Business partners include affinity or co-brand business partners. They may not use this information to independently market to you unless you consent.

Cookies: Small pieces of data sent from a website and stored on your computer by your web browser that can allow other websites that you visit, and the advertising companies and content partners for those websites, to track your browsing activities.

Privacy Policy: A Credit One Bank product-specific privacy notice, which we provide to customers at account opening and annually thereafter pursuant to federal law. It describes our privacy practices and provides you the right to opt out of certain types of information sharing.

IP address: A unique "Internet Protocol" number assigned to a device connected to the Internet. Credit One Bank treats IP addresses as non-personal information unless otherwise required by law.

Service providers: Vendors with whom we have a contractual relationship to perform services on our behalf. Vendors may not use personal information for any purpose other than carrying out those services.

Social media: Websites and apps that enable users to create and share content or to participate in social networking, such as Facebook, Twitter, LinkedIn, YouTube, and Instagram.

Third-party websites: Sites that are not owned or operated by Credit One Bank and are not subject to our Privacy Statement.

Web beacon (alternatively referred to as a tracking bug, tag, page tag, tracking pixel, pixel tag, or clear gif): An often-transparent graphic image, usually no larger than 1 pixel x 1 pixel, that is placed on a website or in an email that is used to monitor the behavior of the user visiting the website or interacting with the email. Web beacons can be used for activities like site traffic reporting, unique visitor counts, advertising auditing and reporting, and personalization.

---

Rev 03/2023

California Privacy Statement

This California Privacy Statement is for California Residents only and supplements the Gramm-Leach-Bliley Act Privacy Policy (“Privacy Policy”). This policy describes:

The personal information that Credit One Bank, N.A. (“we,” “our,” or “us”) collects in the course of its business, explains how this information is collected, used, sold, disclosed, shared, and retained,

The rights provided by the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act (“CCPA”) to California Residents (“consumers” or “you”) regarding their personal information, and

How consumers can exercise those rights.

In addition, federal privacy laws protect your financial personal information. Please see our Privacy Policy, which is set forth above for more information.

 What is Personal Information?

We may collect, use, or disclose your personal information. Personal information is information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with you (“personal information”). “Personal information” does not include: (1) publicly available information, such as information that is lawfully made available from federal, state, or local records, and (2) de-identified or aggregate consumer information.

With a limited exception, and as noted in other sections of this California Privacy Statement, certain provisions of the CCPA do not apply to personal information covered by or collected under industry-specific federal and state privacy laws including, but not limited to, the Health Insurance Portability and Accountability Act of 1996, the California Confidentiality of Medical Information Act, the Fair Credit Reporting Act, the Gramm-Leach-Bliley Act, the California Financial Information Privacy Act, and the Driver's Privacy Protection Act of 1994.

 Personal Information We Collect, Use, or Share

The CCPA requires us to disclose certain information regarding our collection, use, sale, sharing, disclosure, and retention of personal information.

Collecting Your Personal Information

In the past 12 months, we have collected the following categories of personal information:

• Identifiers. This may include real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers.
• Personal information described in the California Customer Records Statute (Cal. Civ. Code § 1798.80(e)). This may include a name, signature, social security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.
• Characteristics of protected classifications under California or federal law. This may include race, religion, sex, disability, marital status, or veteran status.
• Commercial information, including records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. This may include records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
• Biometric information. This may include genetic, physiological, biological, or behavioral characteristics that can be used, singly or in combination with each other or with other identifying data, to establish your identity, including fingerprints.
• Internet or other similar network activity. This may include browsing history, search history, or information on a consumer's interaction with a website, application, or advertisement.
• Geolocation data. This may include physical location or movements.
• Audio, electronic and similar information. This may include call recordings.
• Professional or employment-related information. This may include employment status and current or past job history or performance evaluations.
• Education information. This may include student records and directory information.
• Inferences drawn from other personal information. This may include information, data, assumptions, or conclusions derived from facts, evidence, or another source of information or data reflecting your preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, or aptitudes.
• Sensitive personal information.  This may include a social security, driver’s license, state identification card, or passport number. This term, as used in this California Privacy Statement, also refers to geolocation data and characteristics of protected classifications under California or federal law.

In the past 12 months, we have collected personal information from the following categories of sources:

• You (or your representative)
• Data Analytics Providers
• Marketing Partners
• Our websites and mobile applications
• Third-party websites, such as social media websites
• Service Providers
• Credit reporting agencies
• Government agencies

We may collect and disclose your personal information for the following business or commercial purposes:

• Account Services: We use personal information to offer our account services, including: (1) establishing, maintaining, supporting, and servicing an account you may have opened with us and for which you provided the information or that you may have applied for or established with us; (2) providing services, products, or information you may have requested from us; and (3) performing services such as maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing analytic services, or providing similar services on our own behalf or on the service provider’s behalf.
• Employee Services:  We use personal information to perform background checks necessary to comply with licensing requirements, to perform reference checks, to verify eligibility to work in the United States, for contact purposes, to assess your qualification for employment, to conduct performance evaluations, for payroll and budgeting purposes, for implementation of employee benefits, for internal organizational purposes to establish proper accommodations for sick time, PTO, leaves of absences, or emergency situations, and to conduct health screenings as allowed by OSHA and the CDC to protect the safety of our employees during pandemic situations.
• Security and Fraud Detection: We use personal information for our security and fraud detection services including: detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity; and prosecuting those responsible for that activity.
• Debugging: We use personal information to engage in debugging to identify and repair errors that impair existing intended functionality.
• Improvement of Products and Services: We use personal information to verify, maintain, and improve our products and services.
• Internal Research: We use personal information for our internal research related to technological development and demonstration.
• Advertising and Marketing Services: We use personal information to provide advertising or marketing services on our own behalf.
• Audits: We use personal information to audit current interactions with you and related transactions (e.g., counting and verifying ad impressions, auditing compliance).
• Merger/Acquisition/Bankruptcy, etc.: We may use your personal information as part of a merger, acquisition, bankruptcy, or other transaction where a third party assumes control of us.
• Commercial/Economic Interests: We use personal information to advance our commercial or economic interests.
• Legal Obligations: We use personal information to comply with legal obligations.

Sale and Sharing of Personal Information and Disclosure of Sensitive Personal Information

In the past 12 months, we have not “sold” or “shared” personal information subject to the CCPA, including personal information of minors under the age of 16, nor do we intend to do so in the future. We do not and will not sell or share your personal information. If that changes, we will notify you and provide you with any opt-out rights required under the CCPA. For purposes of this Disclosure, “sold” means the disclosure of personal information to a third-party for monetary or other valuable consideration, and “shared” means the disclosure of personal information to a third-party for cross-context behavioral advertising.

We also have not used or disclosed Sensitive Personal Information outside of the exceptions allowed for in the CCPA and its implementing regulations. If that changes, we will notify you and provide you with any opt-out rights required under the CCPA.

Disclosing Your Personal Information for a Business or Commercial Purpose

We may disclose your personal information to employees, service providers, or contractors in order to carry out specific business or commercial purposes. In the preceding 12 months, we have disclosed the following categories of consumer personal information for business or commercial purposes to service providers and the following categories of third parties:

• Identifiers  to Data Analytics Providers, Marketing Partners, credit reporting agencies, Third Party Websites such as social media companies, human resource vendors, government agencies, third party auditors, and legal counsel.
• Personal information described in the California Customer Records Statute (Cal. Civ. Code § 1798.80(e)) to Data Analytics Providers, Marketing Partners, credit reporting agencies, Third Party Websites such as social media companies, human resource vendors, government agencies, third party auditors, and legal counsel.
• Commercial information, including records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies  to Marketing Partners, credit reporting agencies, Third Party Websites such as social media companies, and legal counsel.
• Biometric information  to human resource vendors and government agencies.
• Internet or other similar network activity  to Data Analytics Providers, Marketing Partners, Third Party Websites such as social media companies, and legal counsel.
• Characteristics of protected classifications under California or federal law  to human resource vendors, government agencies, and third party auditors.
• Geolocation data  to Data Analytics Providers, Marketing Partners, Third Party Websites such as social media companies, and legal counsel.
• Professional or employment-related information  to human resource vendors and government agencies.
• Education information  to human resource vendors.
• Inferences drawn from other personal information  to Data Analytics Providers, Marketing Partners, Third Party Websites such as social media companies, and legal counsel.

 

How Long We Retain Your Personal Information

We store personal information for as long as we believe is reasonably necessary or appropriate to fulfil our business purposes or to comply with applicable law, audit requirements, regulatory requests, or orders from competent courts.

 Your Rights under the CCPA

As described in more detail below, the CCPA provides you with certain rights regarding the collection, use, and disclosure of your personal information. The CCPA also provides consumers with certain rights (for example, opt-out rights) if a business sells or shares personal information, which we do not do.

With a limited exception, the rights described below do not apply to certain personal information, including, for example, covered by or collected under industry-specific federal or state privacy laws including, but not limited to, the Gramm-Leach-Bliley Act, the Fair Credit Reporting Act, the California Financial Information Privacy Act, and the Driver’s Privacy Protection Act. For more information, please see our Privacy Policy above.

The Right to Know About Personal Information Collected, Shared, Sold, or Disclosed

---

When we collect information, you have the right to know:

• The categories of personal information to be collected, the purposes for which the categories of personal information are collected or used, and whether that information is sold or shared;
• The categories of sensitive personal information to be collected, the purposes for which the categories of sensitive personal information are collected or used, and whether that information is sold or shared; and
• The length of time the business intends to retain each category of personal information, including sensitive personal information.

You should have received this information at or before the point that we collected information from you.

You also have the right to request that we provide you with certain information about the personal information we collect, use, or disclose, as well as the categories and specific pieces of information that we have collected about you. Specifically, you have the right to request the following:

• The specific pieces of personal information we have collected about you.
• The categories of personal information we have collected about you, and:
• The categories of sources from which the personal information was collected.
• Our business or commercial purpose for collecting the personal information.
• The categories of third parties to whom we disclose personal information.
• If we disclosed your personal information for a business purpose, the categories of personal information that we disclosed about you and the categories of third parties to whom we disclosed that personal information for a business purpose.

However, there is certain information that we will not disclose to you. This information includes but is not limited to your social security number, driver’s license number or other government-issued identification number, financial account number, any health insurance or medical identification number, an account password, security questions and answer, or unique biometric data generated from measurements or technical analysis of human characteristics.

The Right to Request Deletion of Personal Information

---

You have the right to request that we delete any personal information that we have collected from you and maintained about you unless there is a reason we need to keep the information. Once we receive and confirm your verifiable consumer request, if we determine that we must comply with a deletion request and delete your personal information from our records, we will also direct any service providers, contractors, and other third parties we work with to delete your personal information from their records. If we store any of your personal information in our archived or back-up systems, we will delete your information once the systems are accessed, restored, and/or used.

Please note that we may deny your deletion request for a number of different reasons, which are identified in the CCPA.

The Right to Request Correction of Inaccurate Personal Information

---

You have the right to request that we correct any inaccurate personal information that we have collected from you and/or maintained about you. Once we receive and confirm your verifiable consumer request, if we determine that we must comply with a correction request and correct inaccuracies in – or, as may be appropriate, delete – your personal information from our records, we will also direct any service providers we work with to correct or delete your personal information from their records. If we store any of your personal information in our archived or back-up systems, we will correct or delete your information once we access, restore, and/or use the systems.

The Right to Non-Discrimination or No Retaliation

---

We will not discriminate or retaliate against you for exercising any of your CCPA rights. For example, unless otherwise permitted by law, we will not:

Deny you goods or services.

Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.

Provide you with a different level or quality of goods or services.

Suggest that you will receive a different price or rate for goods or services or a different level or quality of goods or services.

Other Rights

---

You also have the right to opt-out of the sale/sharing of your personal information and to limit the use or disclosure of any Sensitive Personal Information. We do not sell or share personal information or use or disclose any Sensitive Personal Information other than as allowed by the CCPA and its implementing regulations.

 Exercising Your Rights under the CCPA

Submitting a Verifiable Request to Know, Correct, or Delete Personal Information

To exercise your Right to Know, Correct, or Delete your personal information, please submit a verifiable consumer request to us by:

• Phone: 1-877-791-4133
• Email: CAprivacy@creditone.com

To submit a verifiable consumer request, you (or your authorized agent) will be asked to provide:

• If you are a current or former customer, you must provide the following information:

1. First and Last Name,
2. Home Address,
3. Email Address,
4. Telephone Number, and
5. Credit One Bank Account Number

• If you are not a current or former customer you must provide

1. All the information required for a current customer (not including a Credit One Bank Account Number)
2. A copy of the front and back of your Driver’s License or State ID card, mailed to:

Credit One Bank
ATTN: CCPA - Compliance
PO BOX 98838
Las Vegas, NV 89193-8838

Only you (or an authorized agent) may make a verifiable consumer request.

Verifying Your Identity

Once you submit your verifiable consumer request, we will verify your identity by matching the information you provided us with information in our systems. If you submit a request to know specific pieces of personal information, delete certain information, or correct certain information, in addition to verifying your identity with information we have on file, you also may be required to submit a signed declaration under penalty of perjury stating that the requestor is the consumer whose personal information is the subject of the request. If we are unable to respond to your request for specific pieces of information, we will evaluate your request as if it is a request to know the categories of personal information that we have collected about you.

If you have a password-protected account with us, we may verify your identity through our existing authentication practices for your account and we will also require you to re-authenticate yourself before we disclose your personal information. If we suspect fraudulent or malicious activity on or from your account, we will not comply with your request until we perform further verification to determine whether your request is authentic and you are the person about whom we have collected the personal information.

We will generally avoid requesting additional information from you to verify you. However, if we cannot verify your identity based on the information we currently maintain, we may request additional information from you, which will only be used to verify your identity and for security or fraud-prevention purposes. We will delete any new personal information we collect to verify your identity as soon as practical after processing your request unless otherwise required by law.

Generally, if we are unable to verify your identity, we will deny your request and inform you of our inability to verify your identity and explain why we were unable to do so.

Please note that we are only required to respond to your request for access to your personal information twice within a 12-month period.

Responding to Your Request to Know, Correct, or Delete

Once we receive your verifiable consumer request, we will confirm our receipt of your request within 10 business days and provide you with additional information about how we will process the request. Our goal is to respond to your request within 45 calendar days of receiving the request, beginning on the day we receive the request. However, in the event that we need more time (up to 90 calendar days) to respond to your request, we will provide you with notice and an explanation of the reasons that we will take more than 45 calendar days to respond. Any disclosures we provide will cover information collected and maintained since January 1, 2022. If we are unable to comply with a given request, we will provide you with a response explaining why we have not taken action on your request and identifying any rights you may have to appeal the decision.

We will not charge you or your authorized agent to verify your identity. In addition, we will not charge you or your authorized agent a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

Authorized Agent for Requests

You may designate an authorized agent to make a request on your behalf. Unless you have a power of attorney, if you would like to use an authorized agent, which is an individual or business registered with the Secretary of State that you have authorized to act on your behalf, to submit a request, you must provide the authorized agent with written and signed permission to do so, and either verify your own identity directly with us, or directly confirm that you provided the authorized agent with permission to submit the request. We may deny a request from an authorized agent that does not submit proof that they are authorized to act on your behalf.

 Changes to Our California Privacy Statement

We are required by law to update this California Privacy Statement at least once each year. This California Privacy Statement was last updated on March 1, 2023.

 

 Contact Information

If you have any questions regarding our privacy policies, our California Privacy Statement, the ways in which we collect, use, and disclose your personal information, or how to exercise your rights under the CCPA, please do not hesitate to contact us at:

Phone: 1-877-791-4133
Email: CAprivacy@creditone.com
Postal Address:             Credit One Bank, N.A.
                                        ATTN: CCPA - Compliance
                                        PO BOX 98838
                                        Las Vegas, NV 89193-8838