Effective: December 7, 2022
(Last Reviewed: August 14, 2023)
This California Consumer Privacy Act Notice at Collection ("Notice") is provided by the Wells Fargo companies described below. These companies are referred to in this Notice as "we" or "us."
Under the California Consumer Privacy Act, as amended by the California Privacy Rights Act (the "CCPA"), "personal information" is information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular California resident or household. This information is referred to in this Notice as "Personal Data."
This Notice explains:
- Categories of Personal Data that we collect about residents of California; and
- The business or commercial purposes for which we use that Personal Data.
Categories of Personal Data that We Collect
We collect Personal Data in a variety of contexts. For example, we collect Personal Data to provide financial products and services, for our human resource, and vendor management purposes.
The Personal Data that we collect about a specific California resident will depend on, for example, our relationship or interaction with that individual.
We collect the following categories of Personal Data. Wells Fargo does not sell or share Personal Data, including Sensitive Personal Data.
- Personal Identifiers — Personal unique identifiers, such as full name and federal or state issued identification numbers, including Social Security number, driver’s license number, and passport number;
- Personal Information — Personal information, including contact details such as telephone number and address, financial information (e.g., account number and balance), payment card details (e.g., credit and debit card numbers), and medical and health insurance information;
- Characteristics of Protected Classes — Characteristics of protected classes or groups under state or federal law, such as sex, disability, citizenship, primary language, immigration status, and marital status;
- Purchase Information — Purchase information, such as products and services obtained and transaction histories;
- Biometric Information — Biometric information, such as fingerprints and voiceprints;
- Internet or Online Information — Internet or online information (e.g., browsing history) and information regarding interaction with our websites, applications, or advertisements;
- Geolocation Data — Geolocation data, such as device location;
- Audio and Visual Information — Audio, electronic, visual, or similar information, such as call and video recordings;
- Employment Information — Professional or employment-related information, such as work history and prior employer, information from background checks, resumes, and personnel files;
- Education Information — Education information subject to the federal Family Educational Rights and Privacy Act, such as student records and confirmation of graduation;
- Inferences — Inferences based on information about an individual to create a summary about, for example, an individual’s preferences and characteristics; and
- Sensitive Personal Information —
- Social Security number, driver’s license, state identification card, or passport number;
- Account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account;
- Precise geolocation;
- Racial or ethnic origin, religious or philosophical beliefs, citizenship, or immigration status;
- The contents of mail, email, and text messages unless we are the intended recipient of the communication;
- Biometric information processed to uniquely identify an individual; and
- Health information, sexual orientation.
Why We Collect Personal Data and How We Use It
The business and commercial purposes for which we collect and use Personal Data depend on, among other things, our relationship or interaction with a specific California resident. The table below lists the purposes for which we collect and use Personal Data in different contexts.
Purposes for Collection and Use | Examples |
---|---|
Provide and manage products and services |
|
Support our everyday operations, including to meet risk, legal, and compliance requirements |
|
Manage, improve, and develop our business |
|
Support employment, infrastructure, and human resource management |
|
Use of Sensitive Personal Information as permitted by law |
|
Data Retention
We will keep Personal Data no longer than necessary to fulfill the purposes described in this Notice. Under our record retention policy, we are required to destroy Personal Data after we no longer need it according to specific retention periods. However, we may need to hold Personal Data beyond these retention periods due to regulatory requirements or in response to a regulatory audit, investigation, or other legal matter. These requirements also apply to our third-party service providers.
Wells Fargo’s California Consumer Privacy Act Notice
Wells Fargo’s California Consumer Privacy Act Notice is available for review or download.
Changes to this Notice
We may change or update this Notice periodically. When we do, we will post the revised Notice on this webpage indicating when the Notice was "Last Updated."
Wells Fargo Companies Providing this Notice
This Notice is provided by Wells Fargo and Company and its subsidiaries that either: (1) act as a business within the meaning of the CCPA, or (2) are controlled by Wells Fargo and Company and use the Wells Fargo name. As an example, companies providing this Notice include Wells Fargo Bank, N.A.