Wellthi and its affiliates are committed to compliance with the privacy requirements of the Gramm-Leach-Bliley Act, 15 U.S.C. §§ 6801, et seq. (GLBA), as well as other applicable federal and state laws that govern the use and protection of nonpublic personal information. GLBA Title V governs the treatment of nonpublic personal information about consumers. It requires notice to consumers about a financial institution’s privacy policies and practices, describes when nonpublic personal information may be disclosed to nonaffiliated third parties, and provides mechanisms for consumers to “opt out” from information sharing in certain circumstances. It also imposes requirements to ensure that customer information is properly protected and secured.
This Policy is owned by the Compliance Officer and is reviewed, updated, and submitted to Executive Management at least annually.
Wellthi utilizes an electronic version of the Consumer Privacy Notice in alignment with the Issuing Bank’s requirements and consistent with the government’s model form. An updated version of the notice will be maintained on Wellthi’s website.
We generally collect Personal Information in three ways:
1) information you provide to us,
2) information from third parties, and
3) information we collect automatically.
When you use, visit, or otherwise interact with the Services, for example, by contacting customer service, we collect Personal Information that you share with us or our third-party service providers. In order to establish a savings wallet or card account, Wellthi requests the customer to provider certain personal nonpublic information, including physical address, Social Security number, date of birth, email address, and other personal information that assist in verifying the identity of the individual. The full name, birth date and mobile phone number of a designee to help manage the account (often a spouse or partner) may also be requested to establish supplemental user rights to the applicant’s account, when available and if requested by the applicant.
If a minor requests that an account be created, we ask for the minor’s date of birth in order to determine whether the minor is eligible to set up their own account. Wellthi does not provide its Services to children younger than 16. We do not knowingly process any information from, or direct any of our products or services to children under the age of 16. Please do not provide us with any personal information related to children under the age of 16.
An account holder will often provide financial information to transfer funds from a bank account to fund the Wellthi wallet account. This financial information is not provided to Wellthi. We use a third-party to affect this transfer of funds, and users provide the required information to transfer funds to our third-party vendor.
We may also obtain information about you from third parties, including, but not limited to, identity verification services, credit bureaus, financial institutions, and other users to verify your identity or account, detect fraud, engage in collections, or as may otherwise be required by applicable law.
Whenever you interact with the Services, we, as well as our service providers, may collect information about which of the Services you have used and how you have used them. This can include usage information, time and date of activities, location, IP address, operating system version, internet service provider identity, or other usage information. This information helps us manage, improve, and customize the Services’ features and functionality and can be used to identify you like Personal Information.
Wellthi will not share customers’ nonpublic personal information with non-affiliates. We may share customer information with affiliates to enable them to work on our platform system. Wellthi will only share customers’ personal information with contracted entities for everyday business purposes such as processing transactions, maintaining accounts, delivering benefits to your account, or responding to court orders and legal investigations. Some examples of how we may use your Personal Information include:
Wellthi may also share Personal Information with third parties, as follows:
Please be aware that users of the Services may also themselves disclose Personal Information to others:
Wellthi may share aggregated customer information with third parties to offer partner or reward program benefits, so that Wellthi may offer you merchant promotions. However, this aggregated information does not identify a specific individual and does not contain Personal Identifiable Information (PII).
Wellthi maintains the preferences you have provided to us regarding the use, collection, and sharing of information, including how we may contact you.
We use reasonable administrative, technical, and physical security measures to protect such Personal Information against loss, misuse, and unauthorized access, disclosure, or alteration.
We comply with the U.S. Children’s Online Privacy Protection Act and the regulations implementing it (“COPPA”), to the extent applicable to us and to the Services.
Wellthi does not offer Services requested by children under the age of 18 and we do not knowingly collect “personal information,” as defined under COPPA, directly from individuals under the age of 18.
Collection, Use, and Disclosure of Personal Information.
We will not collect additional categories of Personal Information or use the Personal Information we collected for materially different, unrelated, or incompatible purposes without providing you notice.
Your CCPA Rights and How to Exercise Them
If you are a California resident, you have certain rights, pursuant to the California Consumer Privacy Protection Act (“CCPA”). These CCPA rights may only apply in certain circumstances and are subject to certain exemptions. Please see the information below for a summary of your rights, how to exercise your rights and the information we require in order to respond to your requests. Please note that we may ask for certain information to verify the request in accordance with applicable law.
Third-Party Marketing Disclosure
Under California Civil Code Section 1798.83 (the “Shine the Light” law), California residents with whom we have a business relationship can request certain information regarding what types of personal information, if any, we shared with third parties for the direct marketing purposes of the third parties and the identities of the third parties with whom the business has shared such information in the immediately preceding 12 months. Please Contact Us if you would like to receive this information.
We do not exchange your Personal Information for money with anyone so that they can license or sell the Personal Information to additional parties.