Your Privacy

Last Updated: May 8, 2022

About Us

Contrast Financial, Inc. (“Contrast”, “we”, “our”, and “us”) provides financial products and services and administers or manages financial products or services on behalf of bank partners and other financial institutions we work with (“Partner Banks”).

1. About This Policy 

Privacy and security are extremely important to us. This Privacy Policy (“Policy”) describes how we collect, use, and share information to operate our business, to develop and improve our products and services, and as otherwise outlined in this Policy. We suggest you read this Policy carefully. 

When you see the terms “you” or “your” in this Policy, it refers to you, the individual who visits our websites or uses our Services (as defined below), including customers of our Partner Banks.

This Policy applies to information we may collect when you open or use an account; access or use our websites, online banking services or any mobile applications we offer; when you otherwise interact with us; when you sign up to receive rewards or promotions we offer; or when you access or use products or services we administer or manage on behalf of our Partner Banks (collectively, the “Services”). Please note that this Policy applies to all products and services we offer you and only covers information that we collect, use, and share. This Policy does not cover your deposit accounts and debit card products you have with __________ Bank. Your deposit accounts and debit card will be governed by the Bank’s privacy policies. This Policy also does not cover any websites, products, or services provided or operated by third parties, including any third-party websites, applications, or services that may be accesses through the Services.

By using the Services, you accept and agree to this Policy. If you do not agree to this Policy, do not use or continue to use the Services.

2. Information Collection, Use and Sharing 

2.1 How We Collect Information 

We collect information from or about you in various ways including but without limitation: 

  • Directly from you. We collect information directly from you such as when you apply or register for one or more of our products or services, use our Services, communicate with us, respond to surveys, or provide us with feedback (including if you report a problem with our Services). 
  • Automatically when you use the Services. We may collect Device Information, Location Information, Online or Mobile Activity Information (as those terms are defined below) and other information when you visit, use, or interact with the Services. 
  • As a service provider. We collect information about you that you provide to one or more of our Partner Banks. We are acting as a service provider to these Partner Banks when we collect this information about you from them.
  • From vendors or other third parties. We may receive information about you from vendors or other third party service providers who work on our behalf in connection with providing the Services.

2.2 Types of Information We Collect 

We may collect certain information from or about you, including but without limitation, as described below:

  • When you apply for, request or use the Services. We may collect:
  • Personal Identifiers (for example, your name, email address, phone number, username, or other additional information we, our Partner Banks, or our third-party service providers may ask you to provide or you choose to provide).
  • Professional Information (for example, your title, the name of your employer or other additional information we, our Partner Banks, or our third-party service providers may ask you to provide or you choose to provide).
  • Financial Information (for example, financial account name and number, balance, transaction history or other additional information we, our Partner Banks, or our third-party service providers may ask you to provide or you choose to provide).
  • When you browse, use, or interact with the Services. We may also collect: 
  • Location Information (for example, your time zone setting and device location).
  • Device Information (for example, your device type or model, web browser type and version, and operating system type and version).
  • Online or Mobile Activity Information (for example, your Internet Protocol (“IP”) address, the domain name of your Internet service provider, your browser data, search history and information about how and when you use or interact with our Services).
  • Marketing Information (for example, your marketing preferences and inferences based on your interactions with us or our third-party service providers).
  • Communications Information (for example, your communications preferences and details or the content of your communications with us).
  • Survey and Research Information (for example, your responses to questionnaires, surveys, requests for feedback, and research activities). 
  • Inferences we derive from the information we collect.

2.3 How We Use the Information We Collect 

We may use the information we collect from or about you for various purposes, including, without limitation, the purposes described below:

  • Provide Services: To operate, provide, and maintain the Services related to offering of financial products or services to you, including by our Partner Banks (for example, to allow you to apply for and open accounts; verify your identity; provide customer service, communicate with you; and provide you with tools and features related to your accounts); 
  • Improve Existing Services: To improve, enhance, modify, add to, and further develop our Services related to the offering financial products or services to you, including by our Partner Banks;  
  • Advertising and Marketing: To send you offers for special products and services; display online advertising targeting our offers or promotions; conduct market research; and evaluate or improve the effectiveness of our marketing efforts; 
  • Conduct Analytics and Research: To examine which parts of our websites you visit or which aspects of the Services you find most useful, evaluate user interface and experiences, test features or functionality, perform debugging and error repair, and analyze your use of the Services; 
  • Detect and Prevent Fraud: To determine fraud risk and identify fraudulent transactions; 
  • Protect Against Security Risks: To protect against security risks, including by monitoring network activity logs, detecting security incidents, and conducting data security investigations;
  • For Legal Purposes: To carry out legal purposes, including to comply with applicable laws; to respond to civil, criminal, or regulatory lawsuits, subpoenas, or investigations; to exercise our rights or defend legal claims; and to resolve complaints and disputes; and 
  • With Your Consent: For other notified purposes with your consent at your direction.

2.4 How We Share the Information We Collect 

Our insert link to Privacy Notice or insert at bottom of this policy and reference here gives you certain choices about how we can use and share your personal information. We may share information we collect from or about you for various purposes, including but without limitation: 

  • Affiliates, Subsidiaries, or Parents. We may share your information with our affiliates, subsidiaries, or parents when permitted under relevant laws and regulations.
  • Business Partners. We may share your information with our Partner Banks and other companies that we work with to offer or enhance the Services. For example, we may share information with companies to bring you co-branded services, products or programs; joint marketing partners (which may our Partner Banks); bill pay partners; or retail partners with which you can redeem rewards or points when you use the Services, if you have signed up for a rewards program or otherwise opted-in to sharing your information with the retail partner. 
  • Service Providers. We may use third-party service providers to provide the Services on our behalf and to help us run our business. We may share your information with these third-party service providers or they may collect information on our behalf, for various business purposes. For example, we may use third-party service providers for hosting and securing our information systems, detecting and preventing fraud, or to help us qualify you to receive products or services from our Partner Banks.
  • Credit Bureaus and Other Consumer Reporting Agencies. We may share your information with consumer reporting agencies such as Experian, Equifax, Transunion, or Early Warning Services to report on or learn about your financial circumstances and for other lawful purposes.
  • Third Parties You Authorize or Direct Us to Share Your Information With. We may share your information with your consent or at your direction. 
  • Government Entities and Other Third Parties with Whom We Share Your Information for Legal or Necessary Purposes.  We may share your information with government agencies or similar entities for legal and necessary purposes, such as:
  1. To respond to requests from regulators or to respond to a warrant, subpoena, government audit or investigation, law enforcement request, legal order, or other legal process;
  2. To facilitate a merger, acquisition, sale, bankruptcy, or other change in ownership or control of some or all of our assets or business; and
  3. For other legal purposes, such as to enforce our Terms of Use, exercise or defend legal claims, or if we determine disclosure is necessary or appropriate to protect the rights, safety, or property of _________, you, our Partner Banks, or third-parties related to the Services.
  • Aggregated and De-Identified Information. We may share the information described in this Policy in a way that does not allow us to reasonably identify you, with third parties for analytics or other business purposes. Any information we aggregate or de-identify is no longer subject to this Policy. 

3 How We Use Online Tracking Tools or Technologies 

Services. We and our third-party service providers may use various online tools and technologies to collect information about you when you visit, interact with, or use our Services. For example, we or our third-party service providers may use these tools to provide analytics services and display advertisements on our behalf across the internet, including Google Analytics. We or our third-party service providers may use online tracking tools or technologies to collect information about your use of the Services and other websites and online services, including your IP address, web browser, pages viewed, time spent on pages, links clicked, and conversion information, that include, but are not limited to:  

  • Cookies or “Browser Cookies”: Cookies are small amounts of data that a website’s server stores in your web browser. Cookies allow companies to recognize your device and store information about your preferences or areas of interest. For example, we or our third-party service providers may use cookies to store information about pages you visited in the Services, your relationship with us, or other information we have associated with your device. Cookies may also allow us or our third-party service providers to relate your use of the Services to personalize your experience. Most web browsers allow you to manage or adjust your browser settings to decline or delete cookies but doing so may limit access to some of the Services and related features.
  • Web beacons: Web beacons are images or small strings of code that may be placed in a website, advertisement, email, or other marketing message. They allow companies to set or read cookies or transfer information to their servers when you load a webpage or interact with online content. For example, we or our third-party service providers may use web beacons to determine whether you interacted with a specific feature of the Services, viewed a particular advertisement, or opened a specific email. We or our third-party service providers may also use web beacons to help us recognize users, assess traffic or use patterns, and measure engagement with the Services, advertisements, emails, or other marketing campaigns.
  • Server logs. Server logs automatically record information and details about your online interactions with us. For example, server logs may record information about your visit to the Services at a particular time on a particular day.
  • Flash Cookies. Local stored objects or “Flash cookies” may be stored on your hard drive using a media player or other software installed on your device. Flash cookies are similar to browser cookies in terms of how they operate but may not be managed in your browser the same way. You may learn more about managing flash cookies here
  • Software Development Kits and Mobile Advertising IDs. Our mobile applications may include third-party software development kits that allow us and our third-party service providers or other companies we work with to collect information about your mobile app activity. Additionally, some mobile devices come with a resettable advertising IDs (such as Apple’s App Store Advertising Identifier Declarations or Google Play’s Advertising ID) that like cookies and web beacons, allow us and our third -party service providers to identify your mobile device over time for advertising purposes. 
  • Third-party plug-ins. The Services may include plug-ins from other companies, including social media companies. These plug-ins may collect information, such as information about the pages you visit, and share it with the company that created the plug-in even if you do not click on the plug-in. These third-party plug-ins are governed by the privacy policies and terms of the companies that created them.


Purposes.  We and third-party service providers use the information collected from online tracking tools or technologies  for various purposes including analyzing and tracking data, determining the popularity of certain content, delivering advertising and content targeted to your interests (“interest-based advertising”), and better understanding your online activity.


More information. For more information about interest-based ads, including to learn how you may be able to opt out of having your web browsing information used for interest-based or behavioral advertising purposes, please visit www.aboutads.info/choices. For more information about how Google uses your data, please visit www.google.com/policies/privacy/partners/.

4 How We Keep Your Information Secure 


We use reasonable physical, electronic, and procedural safeguards that comply with applicable laws and regulations to protect and limit access to your information. We restrict access to your information to those employees or third parties that need to know your information to provide the Services to you.

The safety and security of your information also depends on you. For example, where we have given you (or where you have chosen) a password for access to certain parts or features of the Services, you are responsible for keeping this password confidential.

While we strive to protect your information, no method of data transmission over the internet, mobile networks, wireless transmission, or electronic storage of information is 100% secure and we cannot guarantee the security of your information. We recommend that you do not use unsecure channels to communicate sensitive or confidential information to us. We are not responsible for circumvention of any privacy settings or security measures contained in the Services.

5 Information About Our Emails and Other Communications

We may provide you with information and summaries of the accounts, services, or products you have with us through email, text, SMS, and other electronic communications. We may also allow you to subscribe to email newsletters or subscriptions and from time to time, send you emails that promote our products and services. 

You may opt out of receiving our promotional emails and terminate any newsletter subscriptions by following the instructions in these emails. Opting out in this manner will not affect our ability to send you service or transaction related emails, such as information and summaries about the account, services, or products you have with us.

6 Information You Disclose Publicly or to Others 

The Services may allow you to publicly post or submit testimonials, comments, suggestions, reviews, photographs, video, information about your location, or other content, including personal information (collectively, “User Content”). We or other companies we work with may store, display, reproduce, publish, distribute, or otherwise use User Content in any media or format and may or may not attribute it to you. We may publish your name, voice, likeness, and other personal information that is part of you User Content. We may use the User Content or any part of the User Content for advertising, marketing, publicity, or other promotional activities.

Others may have access to User Content and may be able to share it with third parties. You should think carefully before sharing information with your User Content. We do not control who will have access to the information that you choose to make public. We cannot guaranteed that third-parties who have access to this information will respect your privacy or keep it secure. We are not responsible for the privacy or security of any information you make publicly available in the Services. We are not responsible for the accuracy, use or misuse of any User Content that you share or receive from third-parties through the Services. 

7 International Data

To the extent that we collect personal data or information, it is collected and stored in the United States. We do not transfer personal data or information outside the United States. The Services are controlled and operated by us from the United States and are not intended to subject us to the laws or jurisdictions of any state, country, or territory other than that of the United States.

8 Your Choices

  • Updating your information. You may update information you provide to us as part of an online account we make available to you by logging into your account. Alternatively, you may contact us using the information provided in the “Contact Us” section of this Policy.
  • Privacy rights of California residents. If you are a California resident, you have certain rights under the California Consumer Privacy Act (“CCPA”) regarding the personal information we collect, use, or share, which may include the right to request access to or deletion of the personal information we collect about you. You may learn more about your rights in the “Rights of California Residents” section of this Policy. 

9 Access of Services by Children

Our Services are not directed at children under 13. We do not knowingly collect personal information from children under 13. If a parent or guardian becomes aware that his or her child has provided us with personal information without the parent’s or guardian’s consent, he or she should contact us using the information provided in the “Contact Us” section of this Policy.

10 Changes to the Policy

We may update or change this Policy periodically. If we make any updates or changes, we will notify you by updating the effective date at the top of this Policy. We may also provide notice of any changes through other means, such as by sending you an email. We encourage you to review the Policy whenever you use or access the Services or otherwise interact with us to stay informed about our privacy practices and the choices available to you.

11 Contact Us

Please contact us at support@contrast.app with any questions about this Policy or our privacy practices.

12 Rights of California Residents 

This section of the Policy details how we collect, use, and disclose personal information subject to the CCPA. It describes the types of personal information we may collect about California residents, the sources of information from which we may collect personal information, and the ways we use and disclose personal information. We also describe the privacy rights of California residents under the CCPA and how they can exercise those rights. “You” or “Your” as used in this section means, you, the individual who visits our websites, uses our Services, or when you otherwise interact with us.

California residents have the following rights regarding their personal information:

  • The right to request the specific pieces of personal information we collect about you; the categories of personal information we collect; the categories of sources we use to collect your personal information; the business or commercial purposes for collecting your personal information; and the categories of third-parties with whom we share your personal information, each as it pertains to our activities in the preceding twelve (12) months;
  • The right to request, on legitimate grounds, deletion of your personal information we collect;
  • The right to have someone you authorize to make a request on your behalf; and
  • The right not to be discriminated against for exercising any of your rights.

In some instances, we may decline to honor your request. For example, we may decline to honor your request if we cannot verify your identity or confirm the personal information we maintain relates to you, or if we cannot verify you have the authority to make a request on behalf of another individual. We may also decline to honor your request when an exception applies, such as where disclosure of personal information would adversely affect the rights and freedoms of another consumer or where the personal information we maintain about you is not subject to the CCPA.  

Categories of Personal Information We Collect

The CCPA defines “personal information” as information that identifies, relates to, or could reasonably be linked (directly or indirectly) with a particular California resident or household. The CCPA generally does not apply to certain information, including personal information collected, processed, sold or disclosed pursuant to the federal Gramm-Leach-Bliley Act (“GLBA”) and its implementing regulations. The GLBA requires companies that offer consumers financial products or services to explain their information-sharing practices to their customers and to safeguard sensitive data. 

Most of the personal information we collect about California residents is collected in the context of offering you financial products and services, including financial products and services we manage or administer on behalf of our Partner Banks, pursuant to the GLBA and is not subject to the CCPA.

The categories of personal information we collect about a California resident depends on our specific relationship or interaction with that individual. 

We may collect and may have collected within in the preceding 12 months, the following categories of personal information, as defined in the CCPA, relating to California residents. The examples provided in each category below include both financial and non-financial information and are for illustrative purposes only.

CCPA Categories

Illustrative Examples

Identifiers

Name, address, email address, online identifiers, internet protocol (“IP”) address, Social Security numbers, driver’s license numbers, or other similar identifiers 

Personal Information (as defined in the California Customer Records Act, Cal. Civ. Code 1798.80)

Contact and financial information

Professional or employment-related information

An individual’s employer, title, or years of employment

Protected classifications under California or federal law

Age, marital status, sex, and veteran or military status

Commercial information

Physical or behavioral characteristics used or intended to be used to establish individual identity, such as for authentication or fraud prevention purposes

Internet or similar network activity information

Browsing history, search history, information on a consumer’s interaction with a website or application

Geolocation data

Device location 

Audio, electronic, visual, or similar information

Call and video recordings

Inferences drawn from other personal information

Certain inferences about an individual’s preferences and characteristics

Categories of Our Sources of Personal Information

We may collect, and may have collected within the preceding 12 months, personal information relating to California residents from the following sources. The examples provided below are for illustrative purposes only.

Sources 

Illustrative Examples

Directly from California residents

Applications for a product or service, bank transactions, interactions with our websites or mobile apps, calls to our call centers

Affiliates

Companies related by common ownership or control, which may be financial or non-financial

Business partners

Partner banks

Service providers

Software providers, communication services, fraud prevention services, data analytics providers, data security providers, data providers

Third parties that California residents authorize or direct to share their information with us

Payment processors, lenders, credit reporting agencies

Government or public sources

Public data published by state or federal governments

Purposes for Which We Use Personal Information

The purposes for which we use the personal information we collect depend on our relationship or interaction with a specific California resident. We may use personal information relating to California residents for one or more of the following business purposes:

  • Providing and maintaining our products and services;
  • Verifying your identity;
  • Detecting and preventing fraud;
  • Protecting against security risks; 
  • Conducting research and data analysis; 
  • Maintaining our facilities, systems, and infrastructure;
  • Improving our products and services;
  • Carrying out our legal and business purposes, such as complying with applicable laws, responding to civil, criminal, or regulatory lawsuits, or investigations, exercising our rights or defending against legal claims, resolving complaints and disputes, performing compliance activities, performing institutional risk control, and otherwise operating, managing, and maintaining our business; and
  • As otherwise disclosed to you at or before the point of collecting your personal information.

We may also use personal information relating to California residents for one or more of the specific “business purposes” listed in the CCPA: 

  • Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity; 
  • De-bugging to identify and repair errors that impair existing intended functionality;
  • Short-term, transient use;
  • Performing services on our behalf or on behalf of our service providers, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing analytic services, or providing similar services on our behalf or on behalf of our service providers;
  • Undertaking internal research for technological development and demonstration; and
  • Undertaking activities to verify or maintain the quality of or safety of a service we own or control, and to improve, upgrade, or enhance the service that we own or control.

Disclosure of Personal Information to Third Parties

The reasons we disclose personal information we collect about a California resident may depend on our specific relationship or interaction with that individual. In the preceding 12 months, we may disclose or may have disclosed each of the categories of personal information discussed above relating to California residents for our business purposes to one or more of the following categories of third-parties. The examples listed below are for illustrative purposes only.

Third Parties 

Illustrative Examples

Consumers

You, your family, your associates, or your representatives

Service providers

Software providers, communication services, fraud prevention services, data analytics providers, data security providers, data providers

Third parties that California residents authorize or direct to share their information with us

Payment processors, lenders, credit reporting agencies

Government or public sources

Public data published by state or federal governments

Professional advisors

Accountant auditors, financial advisors, lawyers, and other outside professional advisors to us, subject to confidentiality

Sale of Personal Information

We do not offer an opt-out from the sale of personal information because we do not “sell” personal information about California residents within the meaning of the CCPA. For purposes of this section “sell” means the disclosure of personal information for monetary or other valuable consideration.

How to Exercise Your Rights 

If you are a California resident and would like to exercise your rights, please submit your request by calling us toll-free at ____________ or emailing us at support@contrast.app. 

Once we receive your request, we will try to verify your identity through accounts you have with us or by requesting additional information sufficient to confirm your identity, such as photos of your government-issued identification. We will also ask you questions to verify your identity. We may use also use a third-party identity verification service to verify your identity. If you would like to use an agent or other person you authorize to exercise your CCPA rights or if you are an agent or authorized person seeking to exercise CCPA rights on behalf of another person, please contact us using one of the methods indicated above.


Joining the waitlist takes 15 seconds