Online privacy practices statement

This notice describes the online privacy practices of TIAA Bank and its subsidiaries (“TIAA Bank”) and applies to anyone who visits our websites. It explains how we may collect information from you online when you visit a TIAA Bank website and how we protect and use that information.

The information that you provide to TIAA Bank (or that we otherwise receive) when you apply for or receive a product or service used primarily for personal, family or household purposes is governed by the TIAA, FSB Consumer Privacy Notice

Online information collection

When you use our website, TIAA Bank collects information in several ways:

  • If you use online banking services, we collect and use information as described in the TIAA, FSB Consumer Privacy Notice.
  • TIAA Bank collects and uses your IP address to help diagnose problems with its servers and to administer the website. An IP address is like a telephone number for a computer on the Internet. Just as one can locate a phone number in the telephone book, computers can locate an IP address using a Doman Name Service Server. TIAA Bank uses your IP address and information transmitted from your computer to help identify your computer and browser as you move throughout the TIAA Bank website, and to gather general information such as where your Internet Service Provider is located or the type of service that you have. In many cases, this allows TIAA Bank to present a convenient, more customized website to you.
  • Our website and our service providers may over time use cookies and similar technologies to collect information about which computers and browsers access our website, and to keep track of you as you move through our website and third party websites that have a business relationship with our service providers. Cookies are small text files or text identifiers that are placed on your computer by TIAA Bank and many other websites. TIAA Bank and our service providers use this information for a number of reasons, including to deliver content specific to your interests, provide access to our secure banking functions, assist with website traffic reporting (such as reporting unique visitor counts), provide client support, respond to your inquiries (including through the use of live chat or video session technologies), measure and report the level of engagement with TIAA Bank advertisements on this and other websites, and provide you with advertisements tailored to your interests (also known as “Targeted Advertising”). In most cases, the information collected from cookies does not contain personally identifying information, nor do we combine the information with personally identifying information. However, we may use cookies to collect personally identifying information to authenticate and/or remember user name upon login. If you choose, you may set your web browser to warn you each time before it accepts a cookie and allow you to choose whether you want to accept the cookie. You may also choose to obtain software that operates in conjunction with your browser to control cookie acceptance. Some portions of the TIAA Bank website use cookies to provide you with a secure environment for certain financial transactions. These features may not work properly if you restrict the use of cookies on the website.
  • TIAA Bank also collects information that you provide to us through your use of the website and its features (including live chat or video sessions) to provide client support and to respond to your inquiries.

Information security

Protecting your information is important to TIAA Bank. We’ve instituted policies, procedures, employee training and communication programs designed for the purpose of protecting your information. Some examples of how TIAA Bank protects your information include the following safeguards that TIAA Bank applies to nonpublic personal information (NPI), as that term is defined and regulated under the Gramm-Leach-Bliley Act (15 U.S.C. § 6809(4)):

  • Restricting access to NPI to only those persons with a business need to know the information in order to process or service client account(s).
  • Contractually requiring third parties doing business with TIAA Bank to comply with all applicable privacy and security laws.
  • Maintaining physical, electronic, and procedural safeguards that comply with applicable federal and state standards to safeguard NPI.

By using our online services, you acknowledge and agree that you will not, under any circumstances, disclose your TIAA Bank Online Financial Center password by telephone or any other means to any person, including any person claiming to represent us. Of course, you may supply a security code to a TIAA Bank representative if you have initiated the call to a number supplied by TIAA Bank. NO person from the TIAA Bank family of companies will ever ask you for your Online Financial Center password. You are responsible for all transactions made or authorized using your username or password. You agree that if you give your username or password to anyone or fail to safeguard their secrecy, you do so at your own risk.

Sharing information

We may share information that we collect online and with trusted third parties according to the terms described in our Consumer Privacy Notice, including for purposes of providing client support and responding to your inquiries (including through the use of chat or video-based technologies). Third party service providers with whom we share personally identifiable information are contractually obligated to keep the information confidential and to use the information only to provide the services we have asked them to perform.

For a description of how TIAA Bank may share information collected from consumers who have applied for or obtained a consumer product or service from us, please refer to our Consumer Privacy Notice.

We will release specific information about you if we are compelled to do so to comply with valid legal processes such as a search warrant, subpoena or court order, or a valid administrative request from a law enforcement agency, or in the situation where we, in good faith, believe such information is necessary to prevent harm to you or others or to protect TIAA Bank’s interest in a dispute with you. As with any business, it is possible that as our business develops, we might sell or buy online businesses or other assets. In such transactions, information about clients often is among the transferred assets. Accordingly, in the event that TIAA Bank or any of its assets is acquired by a third party, such information may be one of the transferred assets.

Public forums

The TIAA Bank website may make chat rooms, forums, message boards, and/or news groups available to its users. Please remember that any information disclosed in these areas becomes public information and you should not disclose your personal information. TIAA Bank is not responsible for content posted by third parties to public forums. TIAA Bank reserves the right to discontinue offering public forums at any time for any reason.

Encrypted email

Encrypted email not only provides authentication but also protects your privacy. Encryption software “scrambles” the message so that only the intended recipient can read the message. Encrypted email often supports a digital signature with the same process. When combined, encryption and a digital signature allows you to obtain both authentication and privacy. TIAA Bank encourages and supports the use of encrypted messages for communication with TIAA Bank. TIAA Bank banking account holders have access from within the TIAA Bank Online Financial Center to an encrypted, secure web-based email system. That system will allow you to communicate via a secured channel with TIAA Bank Client Solutions Specialists.

Fraud and other internet risks

TIAA Bank maintains client authentication procedures to protect your personal information and account from identity theft. These procedures are for your protection. If you suspect a website is “spoofing” or pretending to be a TIAA Bank website, do not enter personal information but instead please contact us using the “Contact Us” function on this site, or send an email to fraud@TIAABank.com.

Information collected in surveys or contests

From time to time, TIAA Bank’s website may use online surveys or run contests that ask you for contact information (such as your email address) and demographic information (e.g., zip code, age or income level). TIAA Bank uses this contact and demographic data to send you information about TIAA Bank and promotional material from certain partners. To request that we not send you information about TIAA Bank and other promotional materials, see the “How to Refuse Communications” subsection below.

Other information collection

Demographic and profile data is also collected TIAA Bank’s website. TIAA Bank uses this data to tailor its visitor website experience, providing you content which TIAA Bank believes may be of interest to you, and to display content based on your preferences.

Links to other websites

The TIAA Bank website may contain links to other websites. TIAA Bank is not responsible for the privacy practices or the content of non-TIAA Bank websites. Please review the privacy statement found on each of these sites when linking through.

How to refuse communications

TIAA Bank’s website provides you with the opportunity to opt out of receiving communications from TIAA Bank and its partners. If you do not wish to receive future communications, or you no longer wish to receive TIAA Bank’s services, you may request that TIAA Bank remove your information from its database.

You can refer to the TIAA, FSB Consumer Privacy Notice for more information on your right to request that we not share certain aspects of your information. Please contact 1-855-260-8856 or privacy@TIAABank.com with any questions, concerns, or to exercise your right to request that we not share certain aspects of your information.

Many of our service providers who over time use cookies and similar technologies to collect information about your online activities for the purposes of Targeted Advertising and ad measurement and reporting, on both our website and third party websites with which they have a business relationship, offer you the ability to opt out of that collection of your information. For more information about how to opt out of such collection, please visit aboutads.info/choices . We do not currently respond to web browser “do not track” signals; if we do so in the future, we will describe how we do so in the Online Privacy Practices Statement. For more information on do not track, visit allaboutdnt.org .

Protecting children’s online privacy

TIAA Bank encourages protection of children’s information on the internet. We will not intentionally collect personal information from children under 13 on our website without first obtaining consent from their parents or legal guardians. For more information about the Children’s Online Privacy Protection Act (COPPA) please refer to the Federal Trade Commission’s website .

Changes

This notice describes our current online privacy practices. TIAA Bank may change its online privacy practices in the future, and we may revise this notice to reflect material changes. If we do change our policy, we will note those changes on our website. A message will be displayed on our homepage for a period of time that a change has been made. We may also send an email describing the changes. Your continued use of the website following the posting of changes to these terms will mean that you accept those changes.

Get in Touch

TIAA Bank Legal Department

301 West Bay Street Jacksonville, FL 32202

 Email