Last update: October 24, 2018.
- If you have a financial product or service with us, we will use and share any information that we collect from or about you in accordance with our Merchant Services Privacy Statement.
- Our online services are not intended for children under 13. We do not knowingly collect personal information from children under 13 without parental consent.
Information We Collect
When you visit or use our online services, we may collect personal information from or about you such as your name, email address, mailing address, telephone number(s), account numbers, limited location information (for example, a postal code), user name and password. We may also collect payment card information, tax identification numbers, driver’s license numbers (or comparable information) when you provide such information while using our online services and where we believe it is reasonably required for ordinary business purposes.
Usage and Other Information
For your convenience, Chase offers you the ability to access some of our products and services through mobile applications and mobile-optimized websites ("Chase Mobile"). When you interact with us through Chase Mobile, we may collect information such as unique device identifiers for your mobile device, your screen resolution and other device settings, information about your location, and analytical information about how you use your mobile device. We may ask your permission before collecting certain information (such as precise geo-location information) through Chase Mobile.
Additional Sources of Information
Use of Information
We use the information discussed above in a number of ways, such as:
- Processing applications and transactions;
- Verifying your identity (such as when you access your account information);
- Preventing fraud and enhancing the security of your account or our online services;
- Responding to your requests and communicating with you;
- Managing your preferences;
- Performing analytics concerning your use of our online services, including your responses to our emails and the pages and advertisements you view;
- Providing you tailored content and marketing messages;
- Operating, evaluating and improving our business (including developing new products and services; improving existing products and services; performing data analytics; and performing accounting, auditing and other internal functions);
- Complying with and enforcing applicable legal requirements, relevant industry standards, contractual obligations and our policies;
- For any other purposes that we may specifically disclose at the time you provide or we collect your information.
We may also use data that we collect on an aggregate or anonymous basis (such that it does not identify any individual customers) for various business purposes, where permissible under applicable laws and regulations.
Disclosure of Information
We may share the information we collect from and about you with our affiliates and other third parties. For example, we may share your information with:
- Chase third-party service providers;
- Chase affiliated websites and businesses in an effort to bring you improved service across our family of products and services, when permissible under relevant laws and regulations;
- Other companies to bring you co-branded services, products or programs;
- Third parties or affiliates in connection with a corporate transaction, such as a sale, consolidation or merger of Chase businesses;
- We may share anonymous or aggregated information with third parties to help deliver products, services, and content that are better tailored to the users of our online services and for other purposes.
Understanding Cookies, Web Beacons and Other Tracking Technologies
- "Cookies" are small amounts of data a website can send to a visitor’s web browser. They are often stored on the device you are using to help track your areas of interest. Cookies may also enable us or our service providers and other companies we work with to relate your use of our online services over time to customize your experience. Most web browsers allow you to adjust your browser settings to decline or delete cookies, but doing so may degrade your experience with our online services.
- Clear GIFs, pixel tags or web beacons—which are typically one-pixel, transparent images located on a webpage or in an email or other message—or similar technologies may be used on our sites and in some of our digital communications (such as email or other marketing messages). They may also be used when you are served advertisements or you otherwise interact with advertisements outside of our online services. These are principally used to help recognize users, assess traffic patterns and measure site or campaign engagement.
- Local Shared Objects, sometimes referred to as "flash cookies" may be stored on your hard drive using a media player or other software installed on your device. Local Shared Objects are similar to cookies in terms of their operation, but may not be managed in your browser in the same way.
Linking to Third-Party Websites
We use reasonable physical, electronic, and procedural safeguards that comply with industry standards to protect and limit access to personal information. This includes device safeguards and secured files and buildings. Please note that information you send to us electronically may not be secure when it is transmitted to us. We recommend that you do not use unsecure channels to communicate sensitive or confidential information (such as your tax identification number) to us.
The file containing your personal information is maintained on our servers or those of our service providers and will be accessible authorized employees, representatives and agents. You may request access to or correction of the personal information in our custody or control, or ask any questions about our personal information handling practices (including our use of service providers outside of Canada) by writing to our Chief Privacy Officer at:
100 Consilium Place, Suite 1700
Last updated: May 21, 2018
We work hard to protect your information.
- We take our responsibility to protect the privacy and confidentiality of your information, including personal information, very seriously. We maintain physical, electronic and procedural safeguards that comply with applicable legal standards to secure such information from unauthorized access and use, accidental or unlawful alteration and destruction, and other unlawful or unauthorized forms of Processing. We hold our employees accountable for complying with relevant policies, procedures, rules and regulations concerning the privacy and confidentiality of information.
We want you to understand the type of information we collect and how we use it.
- The types of personal information we collect from you when you visit or use our online services include your name, email address, mailing address, telephone number(s), account numbers, limited location information (for example, a zip code to help you find a J.P. Morgan office near you), user name and password. We may also collect payment card information, Social Security numbers, driver’s license numbers (or comparable), gender, race, nationality, and biometric identifiers when you provide it directly to us while using our online services and where we believe it is reasonably required for ordinary business purposes. In some instances, we create personal information about you, such as records of your interactions with us, and details of your accounts. We do not seek to collect or process sensitive personal information unless it is required or permitted by law; necessary for the detection or prevention of crime; necessary to establish, exercise or defend legal rights; or we have your prior explicit consent.
- We use and otherwise process the information we collect from you to help us deliver our online services; to administer, evaluate and improve our business (including developing new products and services, improving existing products and services, performing data analytics and other research tasks, communicating with you via any means, and performing accounting, auditing and other internal functions); manage our risks; to market our services and products; and to comply with and enforce applicable laws and regulations, relevant industry standards, contractual obligations and our policies. We also use data that we collect on an aggregate or anonymous basis (such that it does not identify any individuals or clients) for various business purposes, where permissible under applicable laws and regulations.
We aim to collect only what we need, keep it up-to-date and remove it when we no longer need it.
- We take reasonable steps to ensure that the personal information we process is limited to what we require in connection with the purposes set out in this Policy; it is accurate and, where necessary, kept up to date; and it is erased or rectified without delay if it is inaccurate. From time to time we may ask you to confirm the accuracy of your personal information.
- For some of our online services, you can review or update certain account information by logging in and accessing the "Client Center" or a similar user profile section. If you cannot change the incorrect information online, or you prefer to request changes offline, please contact your J.P. Morgan representative using the contact information listed on your account statements, records, or other account materials.
- We will retain copies in a form that permits identification for as long as we deem necessary in connection with the purposes set out in this Policy, unless applicable law requires a longer retention period. In particular, we will retain personal information for as long as it is needed to establish, exercise or defend any legal rights.
We respect and protect your privacy even when you’re on the go.
- For your convenience, J.P. Morgan offers you the ability to access some of our products and services through mobile applications and mobile-optimized websites. When you interact with us through your mobile device, we collect information such as unique device identifiers, your screen resolution and other device settings, information about your location, and analytical information about how you use your mobile device. We typically ask your permission before collecting certain information such as precise geolocation information.
We share personal information with affiliates and with others when we believe it will enhance the services and products we can provide to you or for legal and routine business reasons.
- We share personal information among our affiliates and business units when we believe it will enhance the services we can provide, but only in circumstances where such sharing conforms to law, any applicable confidentiality agreements, and our policies and practices. Additionally, we reserve the right to share your personal information in connection with a corporate change including a merger, acquisition or sale of all or any relevant portion of our business or assets.
- We disclose information we have about you as required or permitted by law. For example, we share information with regulatory authorities and law enforcement officials when we believe in good faith that such disclosure is necessary to comply with legal requirements.
- From time to time, we enter into agreements with other companies to provide services to us, or to make services and products available to you. If these companies receive your personal information, they are required to safeguard it and only use it for those purposes we specify.
- J.P. Morgan believes that keeping your information secure and private is important, particularly when using third-party websites and applications that can help you invest or manage your finances. In partnering with Intuit, which provides the aggregation service Mint, J.P. Morgan has taken measures to keep your logon information secure and private. When you are prompted to provide your J.P. Morgan user ID and password to Mint, you will be entering your information directly into a J.P. Morgan protected site. Mint will not see or be able to store your user ID and password, and will only require a single logon for all of your devices and browsers to work.
- We can share your personal information with any person or entity if we have your consent to do so.
We transmit, transfer or process information to, or through, other countries in the world, as we deem necessary, appropriate or consistent with legal or regulatory obligations.
- Where required, we comply with applicable legal frameworks relating to the transfer of personal information. For example, under the European rules designed to adequately protect personal information transferred outside the European Economic Area we transfer personal information on the basis of determinations by the European Commission that certain countries adequately protect personal information, our Binding Corporate Rules, approved Model Contractual Clauses, and other valid transfer mechanisms.
We respect your rights concerning the processing of personal information and provide you with relevant and appropriate choices.
- Depending on how and where you interact with us, you may have a right to one or more of the following with respect to your personal information we process or control:
- request access to, or copies of, your personal information, together with details about how we process it;
- request rectification of any inaccuracies;
- request erasure or restriction of Processing;
- object to processing by us or on our behalf;
- have personal information transferred to another party;
- withdraw consent to processing; and
- lodge complaints with a data protection authority regarding any processing by us or on our behalf.
- To exercise one or more of these rights or to ask a question about them, please use the contact details provided below.
- In addition to the rights you have under applicable data protection laws, we may give you choices regarding the sharing of personal information with affiliates and third parties based on your relationship(s) with us as a financial institution. Choices you have about the sharing of your personal information will be described in the privacy policies or notices you receive from us, such as those provided in connection with particular financial products or services you obtain from us.
We respect your decisions about the collection of personal information related to your online activities over time and across different websites for advertising purposes.
- J.P. Morgan does not allow unaffiliated third parties to collect personal information about your online activities when you visit our online services. Nor do we use personal information collected across non-affiliated websites for the purpose of serving you advertising related to your browsing behavior. If we engage in this practice in the future, we will provide appropriate notice and choice so that you can opt-out of the practice.
We tell you when our privacy policies and practices change.
We want to hear from you if you have questions.
- If you would like to contact the J.P. Morgan Data Protection Officer, please send an email to EMEA.Privacy.Office@jpmchase.com.