Online privacy practices statement
This notice describes the online privacy practices of TIAA Bank and its subsidiaries (“TIAA Bank”) and applies to anyone who visits our websites. It explains how we may collect information from you online when you visit a TIAA Bank website and how we protect and use that information.
The information that you provide to TIAA Bank (or that we otherwise receive) when you apply for or receive a product or service used primarily for personal, family or household purposes is governed by the TIAA, FSB Consumer Privacy Notice
Online information collection
When you use our website, TIAA Bank collects information in several ways:
- If you use online banking services, we collect and use information as described in the TIAA, FSB Consumer Privacy Notice.
- TIAA Bank collects and uses your IP address to help diagnose problems with its servers and to administer the website. An IP address is like a telephone number for a computer on the Internet. Just as one can locate a phone number in the telephone book, computers can locate an IP address using a Doman Name Service Server. TIAA Bank uses your IP address and information transmitted from your computer to help identify your computer and browser as you move throughout the TIAA Bank website, and to gather general information such as where your Internet Service Provider is located or the type of service that you have. In many cases, this allows TIAA Bank to present a convenient, more customized website to you.
- TIAA Bank also collects information that you provide to us through your use of the website and its features (including live chat or video sessions) to provide client support and to respond to your inquiries.
Protecting your information is important to TIAA Bank. We’ve instituted policies, procedures, employee training and communication programs designed for the purpose of protecting your information. Some examples of how TIAA Bank protects your information include the following safeguards that TIAA Bank applies to nonpublic personal information (NPI), as that term is defined and regulated under the Gramm-Leach-Bliley Act (15 U.S.C. § 6809(4)):
- Restricting access to NPI to only those persons with a business need to know the information in order to process or service client account(s).
- Contractually requiring third parties doing business with TIAA Bank to comply with all applicable privacy and security laws.
- Maintaining physical, electronic, and procedural safeguards that comply with applicable federal and state standards to safeguard NPI.
By using our online services, you acknowledge and agree that you will not, under any circumstances, disclose your TIAA Bank Online Financial Center password by telephone or any other means to any person, including any person claiming to represent us. Of course, you may supply a security code to a TIAA Bank representative if you have initiated the call to a number supplied by TIAA Bank. NO person from the TIAA Bank family of companies will ever ask you for your Online Financial Center password. You are responsible for all transactions made or authorized using your username or password. You agree that if you give your username or password to anyone or fail to safeguard their secrecy, you do so at your own risk.
We may share information that we collect online and with trusted third parties according to the terms described in our Consumer Privacy Notice, including for purposes of providing client support and responding to your inquiries (including through the use of chat or video-based technologies). Third party service providers with whom we share personally identifiable information are contractually obligated to keep the information confidential and to use the information only to provide the services we have asked them to perform.
For a description of how TIAA Bank may share information collected from consumers who have applied for or obtained a consumer product or service from us, please refer to our Consumer Privacy Notice.
We will release specific information about you if we are compelled to do so to comply with valid legal processes such as a search warrant, subpoena or court order, or a valid administrative request from a law enforcement agency, or in the situation where we, in good faith, believe such information is necessary to prevent harm to you or others or to protect TIAA Bank’s interest in a dispute with you. As with any business, it is possible that as our business develops, we might sell or buy online businesses or other assets. In such transactions, information about clients often is among the transferred assets. Accordingly, in the event that TIAA Bank or any of its assets is acquired by a third party, such information may be one of the transferred assets.
The TIAA Bank website may make chat rooms, forums, message boards, and/or news groups available to its users. Please remember that any information disclosed in these areas becomes public information and you should not disclose your personal information. TIAA Bank is not responsible for content posted by third parties to public forums. TIAA Bank reserves the right to discontinue offering public forums at any time for any reason.
Encrypted email not only provides authentication but also protects your privacy. Encryption software “scrambles” the message so that only the intended recipient can read the message. Encrypted email often supports a digital signature with the same process. When combined, encryption and a digital signature allows you to obtain both authentication and privacy. TIAA Bank encourages and supports the use of encrypted messages for communication with TIAA Bank. TIAA Bank banking account holders have access from within the TIAA Bank Online Financial Center to an encrypted, secure web-based email system. That system will allow you to communicate via a secured channel with TIAA Bank Client Solutions Specialists.
Fraud and other internet risks
TIAA Bank maintains client authentication procedures to protect your personal information and account from identity theft. These procedures are for your protection. If you suspect a website is “spoofing” or pretending to be a TIAA Bank website, do not enter personal information but instead please contact us using the “Contact Us” function on this site, or send an email to fraud@TIAABank.com.
Information collected in surveys or contests
From time to time, TIAA Bank’s website may use online surveys or run contests that ask you for contact information (such as your email address) and demographic information (e.g., zip code, age or income level). TIAA Bank uses this contact and demographic data to send you information about TIAA Bank and promotional material from certain partners. To request that we not send you information about TIAA Bank and other promotional materials, see the “How to Refuse Communications” subsection below.
Other information collection
Demographic and profile data is also collected TIAA Bank’s website. TIAA Bank uses this data to tailor its visitor website experience, providing you content which TIAA Bank believes may be of interest to you, and to display content based on your preferences.
Links to other websites
The TIAA Bank website may contain links to other websites. TIAA Bank is not responsible for the privacy practices or the content of non-TIAA Bank websites. Please review the privacy statement found on each of these sites when linking through.
How to refuse communications
TIAA Bank’s website provides you with the opportunity to opt out of receiving communications from TIAA Bank and its partners. If you do not wish to receive future communications, or you no longer wish to receive TIAA Bank’s services, you may request that TIAA Bank remove your information from its database.
You can refer to the TIAA, FSB Consumer Privacy Notice for more information on your right to request that we not share certain aspects of your information. Please contact 1-855-260-8856 or privacy@TIAABank.com with any questions, concerns, or to exercise your right to request that we not share certain aspects of your information.
Protecting children’s online privacy
TIAA Bank encourages protection of children’s information on the internet. We will not intentionally collect personal information from children under 13 on our website without first obtaining consent from their parents or legal guardians. For more information about the Children’s Online Privacy Protection Act (COPPA) please refer to the Federal Trade Commission’s website .
This notice describes our current online privacy practices. TIAA Bank may change its online privacy practices in the future, and we may revise this notice to reflect material changes. If we do change our policy, we will note those changes on our website. A message will be displayed on our homepage for a period of time that a change has been made. We may also send an email describing the changes. Your continued use of the website following the posting of changes to these terms will mean that you accept those changes.