Online Privacy Statement
This Online Privacy Statement ("Privacy Statement") describes Credit One Bank's online and mobile privacy practices and applies to websites, mobile applications that run on smartphones, tablets, and other devices ("apps"), and additional services that we offer which link to this Privacy Statement.
By using this website or our apps, you agree to the terms and conditions of this Privacy Statement.
Information We Collect – and How We Collect It
Our websites and apps are not intended to be used by children. We do not intentionally collect personal information from children under 13 without permission from their parent or legal guardians. For more information about the Children's Online Privacy Protection Act (COPPA), please refer to the FTC's website at https://www.ftc.gov/tips-advice/ business-center/privacy-and-security/children%27s-privacy.
When you use our website or our apps, we may collect Personal Information that you submit to us voluntarily, or Online Activity Data that we collect passively.
Personal Information is information such as your name, mailing address, email address, telephone number, Social Security number, or other information that identifies you. This information may be collected when you voluntarily provide it to us through forms on our website or in our apps. These forms could include survey forms, credit card applications, contest entries, and sign in pages for online banking or mobile application access.
How We Use Information
We may use Personal Information and Online Activity Data we have collected for a variety of reasons, including:
- to enable you to apply for a Credit One Bank credit card
- to enable you to use online tools or perform certain online transactions
- to service and manage your account, including responding to or updating you on inquiries, or to contact you about your accounts or feedback
- to offer you special products and services and deliver advertisements to you in the form of banner ads, interstitial pages (ads that appear as you sign in or sign out of your online accounts) or other promotions
- to analyze whether our ads, promotions, and offers are effective
- to help us determine whether you might be interested in new products or services, and to improve existing products and services
- to verify your identity and/or location to allow access to your accounts, and conduct online transactions
- to manage fraud and data security risk
- to personalize and optimize your website browsing and app experiences by examining which parts of our website you visit or which aspect of our apps you find most useful
- to comply with federal, state or local laws; civil, criminal or regulatory investigations; or other legal requirements
- to share with trusted third parties who are contractually obligated to keep such information confidential, and
Managing Your Online and Mobile Preferences
As you access our online services, cookies and similar technologies allow us to customize content and advertisements for our products and services on our websites or apps. In order to make content and advertising as relevant as possible, we may use information about your relationship with us (such as types of accounts and transactional information). Using cookies can give you additional or easier access to certain features on our website (such as allowing you to sign in easier), and can allow us to provide you with more personalized offers. Currently, our website does not respond to browser "do not track" signals. You can set your browser to not accept cookies or to indicate when cookies are sent.
Some mobile devices come with a non-permanent advertising identifier or ID which gives companies the ability to serve targeted ads to a specific mobile device. In many cases, you can turn off mobile device ad tracking or you can reset the advertising identifier at any time within your mobile device privacy settings. You may also choose to turn off location tracking on your mobile device. By turning off ad tracking or location tracking on your mobile device, you may still see the same number of ads as before, but they may be less relevant because they will not be based on your interests. User mobile data will not be shared.
Behavioral Advertising on Third Party Websites
Certain Credit One Bank partners may use unique cookies to collect Online Activity Data on our website or apps to advertise on third party websites Credit One Bank products and services that may be of interest to you. Our partners are subject to their own privacy policies. To explore options for opting out of behavioral advertising, visit http://optout.aboutads.info/ or click on the AdChoices icon in an ad and follow the instructions. You may also use the Network Advertising Initiative's (NAI) Opt-Out Tool or other tools provided by the publishing platform. Opting out relies on information in the unique cookies placed on your web browser by our partners, so if you delete cookies, use a different device, or change web browsers, you may need to opt out again. Additionally, we may partner with websites like Google and Yahoo to display ads to you based on search terms you use on those websites. Please review the privacy policies of those websites for instructions on how to limit these ads. Please note that you may still receive general online advertising from Credit One Bank even after you adjust your ad preferences with certain web search engines or opt out of online advertising through AdChoices or the NAI tool. Such advertising, however, will not be based on Online Activity Data or search term information. Our marketing emails include instructions on how to opt out of receiving such emails in the future.
Updating Your Information
Keeping your account information up-to-date is important. You may review or update certain account information by signing in to your account online. If you cannot change the incorrect information online, or you prefer to request changes offline, please see the Customer Service section on our website, or call 877-825-3242 or write to us using the contact information listed on your account statements, records, or other account materials.
At Credit One Bank, we are committed to protecting your personal and financial information. If we collect identifying information from you, we will protect that information with security measures based on internationally recognized security standards, regulations, and industry-based best practices.
Changes to this Privacy Statement
Credit One Bank may change its online privacy practices in the future and we may revise this Privacy Statement to reflect material changes. This Privacy Statement was last revised July 1, 2018, and is effective as of that date.
AdChoices: Allows individuals to opt out of browser-enabled interest-based advertising by some or all participating companies, using opt-out cookies to store your preferences in your browser.
Browser: An application used for accessing websites or information on a computer network. Examples include Chrome, Safari, Edge, Internet Explorer, and Firefox.
Business partners: Companies we partner with to jointly market and/or deliver products and services to you. Business partners include affinity or co-brand business partners. They may not use this information to independently market to you unless you consent.
Cookies: Small pieces of data sent from a website and stored on your computer by your web browser that can allow other websites that you visit, and the advertising companies and content partners for those websites, to track your browsing activities. Cookies do not store personal information.
IP address: A unique "Internet Protocol" number assigned to a device connected to the Internet. Credit One Bank treats IP addresses as non-personal information unless otherwise required by law.
Operating system: Software that controls the operation of a computer and directs the processing of programs, such as Microsoft Windows or macOS.
Service providers: Vendors with whom we have a contractual relationship to perform services on our behalf. Vendors may not use personal information for any purpose other than carrying out those services.
Session: The time from when a customer is signed in to a website or app to when the customer is signed out.
Social media: Websites and apps that enable users to create and share content or to participate in social networking, such as Facebook, Twitter, LinkedIn, YouTube, and Instagram.
Third-party websites: Sites that are not owned or operated by Credit One Bank and are not subject to our Privacy Statement.
Web beacon (alternatively referred to as a tracking bug, tag, page tag, tracking pixel, pixel tag, or clear gif): An often-transparent graphic image, usually no larger than 1 pixel x 1 pixel, that is placed on a website or in an email that is used to monitor the behavior of the user visiting the website or interacting with the email. Web beacons can be used for activities like site traffic reporting, unique visitor counts, advertising auditing and reporting, and personalization.
California Privacy Statement
This California Privacy Statement is for California Residents only and supplements the Privacy Notice. This policy describes the personal information that Credit One Bank, N.A. (“we,” “our,” or “us”) collects in the course of its business, explains how this information is collected, used, shared, and disclosed, describes rights provided by the California Consumer Privacy Act of 2018 (“CCPA”) to California Residents (“consumers” or “you”) regarding their personal information, and explains how consumers can exercise those rights.
What is Personal Information?
We may collect, use, or share your personal information. Personal information is information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with you or your household (“personal information”). “Personal information” does not include: (1) publicly available information, such as information that is lawfully made available from federal, state, or local records, and (2) de-identified or aggregate consumer information.
- Certain personal information covered by or collected under industry-specific federal and state privacy laws including, but not limited to, the Health Insurance Portability and Accountability Act of 1996, the California Confidentiality of Medical Information Act, the Fair Credit Reporting Act, the Gramm-Leach-Bliley Act, the California Financial Information Privacy Act, and the Driver's Privacy Protection Act of 1994.
Personal Information We Collect, Use, or Share
The CCPA requires us to disclose certain information regarding our collection, use, and sharing of personal information.
Collecting Your Personal Information
In the past 12 months, we have collected the following categories of personal information:
- Identifiers. This may include real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers.
- Personal information described in the California Customer Records Statute (Cal. Civ. Code § 1798.80(e)). This may include a name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.
- Internet or other similar network activity. This may include browsing history, search history, or information on a consumer's interaction with a website, application, or advertisement.
- Geolocation data. This may include physical location or movements.
- Inferences drawn from other personal information. This may include information, data, assumptions, or conclusions derived from facts, evidence, or another source of information or data reflecting your preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, or aptitudes.
In the past 12 months, we have collected personal information from the following categories of sources:
- You (or your representative)
- Data Analytics Providers
- Marketing Partners
- Our websites and mobile applications
- Third-party websites, such as social media websites
- Service Providers
- Credit reporting agencies
We may collect your personal information for the following business or commercial purposes:
- Account Services: We use personal information to offer our account services, including: (1) establishing, maintaining, supporting, and servicing an account you may have opened with us and for which you provided the information or that you may have applied for or established with us; (2) providing services, products, or information you may have requested from us; and (3) performing services such as maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing analytic services, or providing similar services on our own behalf or on the service provider’s behalf.
- Security and Fraud Detection: We use personal information for our security and fraud detection services including: detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity; and prosecuting those responsible for that activity.
- Debugging: We use personal information to engage in debugging to identify and repair errors that impair existing intended functionality.
- Improvement of Products and Services: We use personal information to verify, maintain, and improve our products and services.
- Internal Research: We use personal information for our internal research related to technological development and demonstration.
- Advertising and Marketing Services: We use personal information to provide advertising or marketing services on our own behalf.
- Audits: We use personal information to audit current interactions with you and related transactions (e.g., counting and verifying ad impressions, auditing compliance).
- Merger/Acquisition/Bankruptcy, etc.: We may use your personal information as part of a merger, acquisition, bankruptcy, or other transaction where a third party assumes control of us.
- Commercial/Economic Interests: We use personal information to advance our commercial or economic interest.
- Legal Obligations: We use personal information to comply with legal obligations.
Disclosing Your Personal Information for a Business or Commercial Purpose
We may disclose your personal information to service providers and third parties in order to carry out specific business or commercial purposes. In the preceding 12 months, we have disclosed the following categories of consumer personal information for business or commercial purposes to service providers and the following categories of third parties:
- Identifiers to Data Analytics Providers, Marketing Partners, and attorneys and legal counsel.
- Personal information described in the California Customer Records Statute (Cal. Civ. Code § 1798.80(e)) to Data Analytics Providers, Marketing Partners, and attorneys and legal counsel.
- Internet or other similar network activity to Data Analytics Providers, Marketing Partners, and attorneys and legal counsel.
- Geolocation data to Data Analytics Providers, Marketing Partners, and attorneys and legal counsel.
- Inferences drawn from other personal information to Data Analytics Providers, Marketing Partners, and attorneys and legal counsel.
In the preceding twelve (12) months, we have not sold any personal information. In addition, we do not sell personal information. Also, it is our business practice not to sell the personal information of minors under 16 years of age and we have no actual knowledge of doing so.
Your Rights under the CCPA
As described in more detail below, the CCPA provides you with certain rights regarding the collection, use, and disclosure of your personal information. The CCPA also provides consumers with certain rights (for example, opt-out rights) if a business sells personal information, which we do not do.
The Right to Know About Personal Information Collected, Used, or Disclosed
You have the right to request that we provide you with certain information about the personal information we collect, use, or well as the categories and specific pieces of information that we have collected about you in the 12 months before your submission consumer request. Specifically, you have the right to request the following
- The specific pieces of personal information we have about you.
- The categories of personal information we have collected about you, including:
- The categories of personal information we have collected about you in the past 12 months.
- The categories of sources from which the personal information about you was collected.
- Our business or commercial purpose for collecting your personal information.
- If we shared your personal information:
- The categories of personal information that we disclosed about you for a business purpose in the past 12 months and, for each category identified, the categories of third parties to which it disclosed that particular category of personal information; and
- The categories of third parties that we share personal information.
A household may request to know aggregate household personal information by submitting a verifiable consumer request. Also, unless the household has a password-protected account, if all consumers in a household jointly request access to specific pieces of information for the household, we can individually verify the identity of all the members of the household, and we can verify that each member is a current member of the household, then we will comply with the request.
However, there is certain information that we will not disclose to you. This information includes but is not limited to your Social Security number, driver’s license number or other government-issued identification number, financial account number, any health insurance or medical identification number, an account password, security questions and answer, or unique biometric data generated from measurements or technical analysis of human characteristics.
The Right to Request Deletion of Personal Information
You have the right to request that we delete any personal information that we have collected from you and maintained about you. Once we receive and confirm your verifiable consumer request, if we determine that we must comply with a deletion request and delete your personal information from our records, we will also direct any service providers we work with to also delete your personal information from their records. If we store any of your personal information in our archived or back-up systems, we will delete your information once the systems are accessed, restored, and/or used.
A household may request the deletion of aggregate household personal information by submitting a verifiable consumer request. In addition, unless the household has a password-protected account, if all consumers in a household jointly request deletion of household personal information, we can individually verify the identity of all the members of the household, and we can verify that each member is a current member of the household, then we will comply with the request.
Please note that we may deny your deletion request for a number of different reasons, which are identified in the CCPA.
Exercising Your Rights under the CCPA
Submitting a Verifiable Request to Know or Request to
To exercise your Right to Know or your Right to Delete, please submit a verifiable consumer request to us by
- Phone: 1-877-791-4133
- Email: CAprivacy@creditone.com
To submit a verifiable consumer request, you (or your authorized agent) will be asked
- If you are a current or former customer, you must provide the following information:
- First and Last Name,
- Home Address,
- Email Address,
- Telephone Number, and
- Credit One Bank Account Number
- If you are not a current or former customer you must provide
- All the information required for a current customer (not including a Credit One Bank Account Number)
- A copy of the front and back of your Driver’s License or State ID card, mailed to:
Credit One Bank
ATTN: CCPA - Compliance
PO BOX 98838
Las Vegas, NV 89193-8838
Only you (or an authorized agent) may make a verifiable consumer request.
Verifying Your Identity
Once you submit your verifiable consumer request, we will verify your identity by matching the information you provided us with information in our systems. If you submit a request to know specific pieces of personal information or a request to delete certain information, in addition to verifying your identity with information we have on file, you also may be required to submit a signed declaration under penalty of perjury stating that the requestor is the consumer whose personal information is the subject of the request. If we are unable to respond to your request for specific pieces of information, we will evaluate your request as if it is a request to know the categories of personal information that we have collected about you.
If you have a password-protected account with us, we may verify your identity through our existing authentication practices for your account and we will also require you to re-authenticate yourself before we disclose your personal information. If we suspect fraudulent or malicious activity on or from your account, we will not comply with your request until we perform further verification to determine whether your request is authentic and you are the person about whom we have collected the personal information.
We will generally avoid requesting additional information from you to verify you. However, if we cannot verify your identity based on the information we currently maintain, we may request additional information from you, which will only be used to verify your identity and for security or fraud-prevention purposes. We will delete any new personal information we collect to verify your identity as soon as practical after processing your request unless otherwise required by the CCPA
Generally, if we are unable to verify your identity, we will deny your request and inform you of our inability to verify your identity and explain were unable to do so.
Please note that we are only required to respond to your request for access to your personal information twice within a 12-month period.
Responding to Your Request to Know or Delete
Once we receive your verifiable consumer request, we will confirm our receipt of your request within 10 business days and provide you with additional information about how we will process the request. Our goal is to respond to your request within 45 calendar days of receiving the request, beginning on the day we receive the request. However, in the event that we need more time (up to 90 calendar days) to respond to your request, we will provide you with notice and an explanation of the reasons that we will take more than 45 calendar days to respond. Any disclosures we provide will cover the 12-month period preceding the verifiable consumer request’s receipt. If we are unable to comply with a given request, we will provide you with a response explaining why we have not taken action on your request and identifying any rights you may have to appeal the decision.
We will not charge you or your authorized agent to verify your identity. In addition, we will not charge you or your authorized or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request. agent a fee to process
Authorized Agent for Requests
You may designate an authorized agent to make a request on your behalf. Unless you have a power of attorney, if you would like to use an authorized agent, which is an individual or business registered with the Secretary of State that you have authorized to act on your behalf, to submit a request, you must provide the authorized agent with written and signed permission to do so, verify your own identity directly with us, and directly confirm that you provided the authorized agent with permission to submit the request. We may deny a request from an authorized agent that does not submit proof that they are authorized to act on your behalf.
We will not discriminate against you for exercising any of your CCPA rights. For example, unless otherwise permitted by
- Deny you goods or services.
- Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
- Provide you with a different level or quality of goods or services.
- Suggest that you will receive a different price or rate for goods or services or a different level or quality of goods or services.
Changes to Our California Privacy Statement
We are required by law to update this California Privacy Statement at least once each year. This California Privacy Statement was last updated on November 5, 2021.
During the period of July 1, 2020 through June 30, 2021, Credit One Bank received no data requests by California residents.
If you have any questions regarding our privacy policies, our California Privacy Statement, the ways in which we collect, use, and disclose your personal information, or how to exercise your rights under the CCPA, please do not hesitate to contact us at:
Postal Address: Credit One Bank, N.A.
ATTN: CCPA - Compliance
PO BOX 98838
Las Vegas, NV 89193-8838