Effective date: January 1, 2023
Introduction and overview
At NerdWallet, our mission is to provide you with clarity for all of your life’s financial decisions. We do so by empowering you with financial information and guidance you can trust and by providing you with tools to help you make the best decisions for your financial needs.
When you input your personal financial information into our websites and other applications, we have an obligation to provide you with clarity regarding how your data is accessed and used by NerdWallet, its affiliates, vendors, partners and other third party entities within the value chain.
To that end, this Privacy Policy describes the information we collect from you, how we use your information, whom we share your information with, and the steps we take to protect your information.
Scope of this Privacy Policy
This Policy applies to your access and use of all products and services that are made available by NerdWallet, Inc. or its affiliates, including Fundera, Inc. (the “NerdWallet Services” or “Services”) through our websites, including but not limited to www.nerdwallet.com and our downloadable mobile applications (collectively, the “Site”).
By using the Services, you consent to the privacy practices described in this Policy.
Most of our data collection, use, and sharing practices are governed by the Gramm-Leach-Bliley Act. Please see our Gramm-Leach-Bliley Privacy Notice for a summary of privacy options related to most of our Services. Capitalized terms that are not defined in the Privacy Policy have the meaning given to them in the NerdWallet Terms of Use.
I. Information We Collect
A. INFORMATION WE COLLECT DIRECTLY FROM YOU
We may collect information directly from you when you use our Services — for example, when you register to become a member, when you request to prequalify for a third-party credit card or loan product, when you request your TransUnion credit report and/or score, when you link your third-party financial accounts, or when you fill out calculators, forms or other fields on our Site. In such cases, we may ask you to provide us with one or more of the following pieces of information:
- Name.
- Email address.
- Mailing address.
- Phone number.
- Date of birth.
- Social Security number.
- Your registration information, such as a username and password.
- Your third-party financial account information, such as an ID and password.
- Your financial information, such as investments, income, expenses, investable assets, investing risk tolerance or other similar types of information.
- Information about your job or business.
- Age, gender, or other similar demographic information when such information is relevant to a particular financial product or service you have requested (for example, when requesting auto insurance rates or using retirement planning calculators).
- When you communicate with us, either by email, phone, or other means of communication, we may also collect the content of these communications, including but not limited to recordings of phone calls where permitted by law.
Please note: We do not store your third-party financial account ID or passwords. Instead, we securely pass this information to our third-party partners when you request Services that require us to confirm your identity, when you request to prequalify for their products, and/or to provide you with access to your financial information on our Site.
B. INFORMATION AUTOMATICALLY COLLECTED
1. Information Collected
When you visit the Site, use the Services, or open an email from NerdWallet, we may automatically receive and record certain information from your computer, web browser and/or mobile device, including without limitation:
- IP address or other device address or ID.
- Web browser and/or device type.
- Geolocation data, including if you use the Site on a mobile device.
- Hardware and software settings and configurations.
- Web pages or sites that you visit just before or just after visiting the Site.
- Pages you view on the Site.
- Your actions on the Site, including the electronic path you take to our Site, through our Site and when exiting our Site, as well as your usage and activity on our Site, such as the links and objects you view, click or otherwise interact with (also known as “Clickstream Data”).
- Dates and times that you visit, access, or use the Services.
2. Cookie Information
When you use the Services, we may send one or more Cookies (which are small text files containing a string of alphanumeric characters) to your computer or mobile device. We may use both Session Cookies and Persistent Cookies. A Session Cookie disappears after you close your browser. A Persistent Cookie remains after you close your browser and may be used by your browser on subsequent visits to the Services. Persistent Cookies can be removed. Please review your web browser “Help” file to learn the proper way to modify your Cookie settings. If you delete, or choose not to accept, Cookies from the Services, you may not be able to utilize the features of the Services to their fullest potential.
3. Third-Party Web Beacons and Third-Party Buttons
We may implement third-party advertising or other content on the Site that may use clear GIFs or other forms of web beacons, which allow the third-party content provider to read and write Cookies to your web browser in connection with your viewing of the third-party content on the Site. Additionally, we may implement third-party buttons (such as Facebook “like” or “share” buttons) that may allow a third party to collect information about you through their browser Cookies, even when you do not interact with the button.
We also engage third-party partners and vendors like Google Analytics, Hotjar and others, who provide analytics and advertising services, to assist us in providing you the Site and our Services. We allow these third parties, including nonaffiliated business partners, advertising networks, analytics providers, and other advertising service providers, to automatically collect Clickstream Data and other information about your online activities on the Site and across your browsers and devices using cookies, web beacons, mobile advertising identifiers and other technologies. For example, we may use third-party analytics tools to help us understand and record the electronic path you take to our Site, through our Site and when exiting our Site, as well as your usage and activity on our Site, such as the links and objects you view, click or otherwise interact with. We use this data for our own analytics and advertising purposes, as well as to facilitate partner relationships and your interactions with other third parties. In addition, certain of our third-party partners may use this information to display online advertisements tailored to your interests and preferences across your browsers and devices, to conduct ad campaign measurement and website analytics, to detect, prevent and report fraud, or to carry out their own business and commercial purposes.
Where information collected through web beacons, buttons, and similar technologies is collected directly by third parties, their collection and use of information is subject to that third party’s own privacy policies. Some of these third parties are members of the Network Advertising Initiative or the Digital Advertising Alliance and participate in the industry’s opt out, available at http://optout.aboutads.info/#!/ or at http://optout.networkadvertising.org/#!/. Additionally, you may opt out of the use of Google Analytics Cookies here: https://tools.google.com/dlpage/gaoptout.
Due to differences between using websites and apps on mobile devices, you may need to take additional steps to opt out on both platforms. Many mobile devices allow you to opt out of interest-based advertising for mobile apps using the settings within the mobile app or your mobile device. For more information, please check your mobile settings. You also may uninstall our app using the standard uninstall process available on your mobile device or app marketplace. Please note that your opt-out choice will apply only to the browser and device you are using when you opt out.
C. INFORMATION FROM OTHER SOURCES
We may also obtain information about you from third-party sources, such as our business partners, referral partners or advertisers. We may also, at your direction, receive credit reports or scores from consumer reporting agencies such as TransUnion, Experian, or Equifax, or third-party services that provide a mechanism to share information you have provided to the third party through the use of an application program interface (API), such as Facebook Connect or the Twitter API. If we combine or associate information from other sources with your information that we collect through the Services, we will treat the combined information in accordance with this Privacy Policy, the Terms, and applicable law.
1. Link My Account
Link My Account is a feature that allows you to track all of your third-party financial accounts on NerdWallet’s website. By using the Link My Account Service, you grant NerdWallet and its third-party service provider, Plaid, Inc., permission to access your third-party financial accounts designated by you. We may use your account information to evaluate your eligibility for and recommend other products or services and to modify or develop our products and services to better serve you. By using the Link My Account Service, you agree to the Plaid End User Privacy Policy.
II. How We Use Your Information
Your information is an integral part of our operations, and we use it in a variety of ways in providing the Services and operating our business. We use the information you provide, for example:
A. To provide you the Services you request and enable non-affiliated third parties to provide additional services to you.
B. To operate, maintain and improve the Services and create new features and functionality.
C. To understand and analyze usage trends and preferences of our users across different devices.
D. For fraud detection and information security.
E. We may use your e-mail address or other personal information (a) to contact you for administrative purposes such as customer service, (b) to address intellectual property, right of privacy or defamation issues related to content you have posted on the Services, and/or (c) to send you promotional materials, offers, and/or messages related to the Services and the activities of third parties we work with. Generally, you can opt out of receiving promotional communications, through links provided in the messages, by updating your account preferences through the Services, or by contacting us directly at [email protected].
F. We may use Cookie Information and Automatically Collected Information to: (a) personalize our services, such as remembering your information so that you will not have to re-enter it during your visit or the next time you visit the Services; (b) pre-fill forms; (c) provide customized advertisements, content, and information across your devices; (d) monitor and analyze the effectiveness of Services and third-party marketing activities; (e) monitor aggregate site usage metrics such as total number of visitors and pages viewed; and (f) track your entries, submissions, and status in any promotions or other activities.
G. If you request access to your consumer credit reports, we may use it (1) to provide you with access to your free credit score, including periodic updates to your credit score, and (2) to make recommendations regarding financial products and services that may be of interest to you, including credit cards, personal loans, home loans and other financial products and services offered by NerdWallet partners.
III. How We Share Your Information
A. We may disclose your information in connection with providing the Services and the operation of our business. For example, we may share personal information, such as name, email, address, Social Security number and other identifying information, with nonaffiliated third-party service providers to verify your identity in connection with your use of certain aspects of the Services. For example, we may ask for your Social Security number, or a portion of it, to verify your identity in connection with services that enable you to see your current credit score or other financial information.
B. We may share information collected directly from you with nonaffiliated third-party lending partners or third-party service providers in connection with your use of specific aspects of the Services. Some examples include but are not limited to:
1. When you request to prequalify for a third-party loan or credit card product on our Site.
2. When you request additional or personalized information regarding financial product offers from third-party financial service aggregators we partner with.
3. When you request access to your credit report or score.
4. When you request access to your third-party banking, credit card, retirement or investment products on our Site.
5. When you report a complaint about a product or a third-party lending partner featured on our Site; we may forward your complaint to that lending partner.
6. When you request answers or advice through our Services, NerdWallet may provide certain of your information to third-party experts, advocates, and advisors.
C. We may share automatically collected information such as IP address and Clickstream Data as well as de-identified information with nonaffiliated third-party partners when you leave our Site (for example, from a rate table or review) to go to a third-party site to request information or apply for financial products.
D. We may share your credit report and other personal information with and/or among our wholly owned NerdWallet subsidiaries in order to provide you with recommendations on financial products and services that might be of interest to you.
E. We may share your information with third-party service providers to support our internal and business operations. In such cases, service providers may use the information only as necessary to provide the services to us and are contractually required to keep your information confidential and secure. For example:
1. For website, application development, hosting, data storage, maintenance, and other services for us.
2. For internal marketing, delivery of emails, including promotional, marketing and transactional materials, delivery of other promotional materials, including via postal mailers, SMS and text messaging, and online and social media promotions and advertising.
3. For fraud prevention and security purposes.
F. When you choose to share your own information on a publicly accessible area of the Site, such as a public profile page or any section where you can publicly submit questions to us or our third-party partners, that information will be available to anyone who is able to access that content, including other Site users. Additionally, questions you submit and answers provided by third parties may be posted on our Site and viewable by other users and the public.
G. We may share de-identified and/or aggregate analytics with third-party partners about how users interact with our Services, including usage patterns for certain programs, content, services, advertisements, promotions, and/or functionality available through the Service.
H. We may disclose your information if required to do so by law or in the good-faith belief that such action is necessary to comply with state and federal laws (such as copyright law), in response to a court order, judicial or other government subpoena or warrant, or to otherwise cooperate with law enforcement activity.
I. By submitting a request through our Services, you consent to the disclosure of your information to third parties in order for us to carry out your request. The collection and use of your information by third parties is subject to each third party’s specific privacy policy and terms of use. NerdWallet has no control over the means by which third parties further use or disclose your information.
J. If you submit a request through our Services, a third-party service provider may directly contact you with quotes or information via telephone, auto-dialed prerecorded calls, SMS, fax, and/or email. You may also receive telemarketing calls as a result of submitting the request, even if you are on the National Do Not Call Registry or any other similar registry.
K. Do not submit a request for information or services if you do not want your personal information shared as described above. Once you have submitted a request through the Services and we have shared your information as described above, the terms of the third party’s privacy policy will apply to that party’s use of your information.
L. You may, of course, decline to share certain information with us, in which case we may not be able to provide to you some of the features and functionality of the Services.
M. You have the option to refuse any free consultations or offers for services provided after you submit a request to a third party through the Services.
N. We may take part in or be involved with a corporate business transaction, such as a merger, acquisition, joint venture, or financing or sale of company assets. We may disclose personal information to a third party during negotiations of, in connection with or as an asset in such a corporate business transaction. Personal information may also be disclosed in the event of insolvency, bankruptcy, or receivership.
O. Please see our Gramm-Leach-Bliley Privacy Policy for more information about how you can limit your sharing options.
IV. Exercising Your Rights, Updating Your Membership Information, Canceling Your Membership, and Deactivating Your Account
A. EXERCISING YOUR RIGHTS
1. Your rights
We believe that you have rights to your personal information even if you do not have an account with us.
However, because some states provide their residents with specific rights in relation to their personal information, the scope of your rights with respect to the data we collect and process may vary depending on where you live. To find out more about how to exercise your rights, please visit our Privacy Preferences page. For Fundera, please visit our Fundera Privacy Preferences page.
2. Verification
To help protect your privacy and secure your personal information, you may be asked to provide additional information to verify your identity and/or ownership rights prior to us exercising your data rights. If we are unable to verify your identity or ownership rights to the data, we may not be able to provide you with data rights until you are able to provide us with proper documents.
3. Information retention
Unless you specifically ask us to delete your personal information, we will retain your personal information as long as it is necessary for us to comply with our data retention requirements and provide you with services and the benefits of our Services and successfully run our business. However, even if you request a deletion, we may be required to maintain your information for as long as necessary to:
- comply with our legal or regulatory compliance needs (e.g. maintaining records of transactions you have made with us);
- to exercise, establish or defend legal claims; and/or
- to protect against fraudulent or abusive activity on our service.
This means we may keep different information for different periods. If your account is canceled because you’ve not used it in a long time, we may delete this information at any time.
There may be occasions where we are unable to fully delete, anonymize, or de-identify your information due to technical, legal, regulatory compliance or other operational reasons. Where this is the case, we will take reasonable measures to securely isolate your personal information from any further processing until such time as we are able to delete, anonymize, or de-identify it.
B. UPDATING YOUR INFORMATION
1. How to Update your NerdWallet Information
Once you have registered for a NerdWallet account, you may update or correct your profile information and preferences at any time by accessing your account settings page through the Site.
2. How to Update your Fundera Information
If you have applied for a loan through Fundera and wish to access personal information that you have submitted to us or to request the correction of any inaccurate information you have submitted to us, you may correct certain information via your user account. Alternatively, you can contact us at [email protected] to request any corrections to your personal information. You may also email us if you wish to deregister, but even after you deregister, we may retain archived copies of information about you consistent with applicable law.
C. DEACTIVATING YOUR ACCOUNT
We do not delete information about you upon deactivation of your account. Although your deactivated status is reflected promptly in our user databases, we may retain the information you submit for a variety of purposes, including legal compliance, backups and archiving, prevention of fraud and abuse, and analytics. Upon deactivation, you will no longer receive emails from us and links to third-party financial accounts, and Services will automatically terminate.
D. UNSUBSCRIBING
1. How to Unsubscribe From Email Communications
If you do not wish to receive email offers or newsletters from us, you can opt out of receiving emails from us (except for emails related to the completion of your registration, correction of user data, change of password, and other similar communications essential to your transactions through the Services) by using the unsubscribe process at the bottom of any marketing email from us. Although your changes are reflected promptly in active user databases, we may retain all information you submit for a variety of purposes, including backups and archiving, prevention of fraud and abuse, and analytics.
2. How to Unsubscribe from SMS Communications
We may provide our registered Fundera customers with SMS alerts regarding their activity on the Service. Registered customers have the ability to opt out of receiving these SMS alerts by texting the word STOP to 646-760-3048. You may also reply STOP to any message you receive from us. Upon receipt of your STOP message, we will send you a SMS message to confirm that you have been unsubscribed. At that point, you will no longer receive any further SMS messages from Fundera. If you need any assistance, you can always text the word HELP to 646-760-3048 or reply HELP to any message you receive from us. Upon receipt of your HELP message, we will respond with STOP instructions and a link to relevant Terms of Service and Privacy Policy.
V. Our Commitment to Data Security
We use certain physical, managerial, and technical safeguards that are designed to protect the integrity and security of your information. We cannot, however, ensure or warrant the security of any information you transmit to us through the Services or store on the Site, and you do so at your own risk.
VI. California Privacy Rights
This section contains disclosures required by the California Consumer Privacy Act (“CCPA”) and applies only to “personal information” that is subject to that law. Most of our data collection, use, and sharing practices are governed by our Gramm-Leach-Bliley Privacy Policy. However, if you are a California resident, the CCPA may apply to our Services as they relate to business products featured on our site (for example, business credit cards and small business loans). Please review our California Privacy Policy for our California privacy disclosures and information on how to exercise your CCPA rights.
VII. International Visitors
The Service is hosted in the United States and is intended solely for visitors located within the United States. The information we provide and the third-party products and services featured are tailored for the United States market only. You agree that if you choose to use the Services from outside the United States, you will be transferring your information outside of those regions to the United States for storage and processing.
VIII. In the Event of Merger or Sale
NerdWallet reserves the right to transfer or assign the information that we have collected from users in connection with a corporate transaction, such as a divestiture, merger, consolidation, or asset sale, or in the unlikely event of bankruptcy.
IX. Changes and Updates to This Privacy Policy
We reserve the right to make changes to this Privacy Policy at any time. We will notify you about material changes in the way we treat your information, including by placing a prominent notice on the Site or by sending you an email so that you can choose whether to continue using the Services. Material modifications are effective 30 calendar days after our initial notification or upon your acceptance of the modified Terms. Immaterial modifications are effective upon posting of the updated Privacy Policy or Terms of Service on the Site. Please revisit this page periodically to stay aware of any changes to this Privacy Policy. For the avoidance of doubt, disputes arising hereunder will be resolved in accordance with the Privacy Policy in effect at the time the dispute arose.
X. Our Contact Information
Please contact us with any questions or comments about this Privacy Policy, your personally identifiable information, our use and disclosure practices, or your consent choices by e-mail at [email protected].
NerdWallet, Inc.
55 Hawthorne St.
11th Floor
San Francisco, CA 94105
Thank you for reviewing our Privacy Policy.