Greenlight Logo

Privacy Policy

Effective Date: September 7, 2021

At Greenlight, our guiding principle is to treat our customers as we would our own families. We respect your family’s privacy, and we are committed to protecting your information.  This Privacy Policy describes the type of information we collect, how we use it, and the choices available to you regarding our use of your information.

TABLE OF CONTENTS

Greenlight Financial Technology, Inc. (“Greenlight Financial”) operates the greenlight.com website (the “Website”) and the associated Greenlight application for mobile phones and any other connected devices (the “Greenlight App”) for offering a prepaid debit card and related services. Greenlight Investment Advisors, LLC, a wholly-owned subsidiary of Greenlight Financial (“Greenlight Advisors”) is a registered investment advisor, which provides investment advisory services to clients of Greenlight Financial, who also become clients of Greenlight Advisors. Greenlight Advisors is responsible for the delivery of investment advisory services under the Invest tab of the Greenlight App.  Greenlight Advisors and Greenlight Financial are collectively referred to as “Greenlight,” “we,” “our” or “us” in this Privacy Policy. The prepaid debit card is offered by Community Federal Savings Bank (“CFSB” or the “Card Issuer”), as card issuer, which we market and assist you to obtain as part of our service offering.  Our services, products, features, functions, technologies, and content offered through the Website and the Greenlight App or by contacting our customer service are collectively referred to as “Greenlight Services.”  By using any Greenlight Services, you accept this Privacy Policy and agree to the collection and use of your Personal Information in accordance with this Privacy Policy. We use the term “Personal Information” in this Privacy Policy to describe information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular individual, household, or device. We do not consider Personal Information to include information that has been aggregated and/or otherwise de-identified such that it does not identify a specific individual, household or device. 

Our Terms of Service (available online at http://www.greenlight.com/terms-of-service), contain more detail about Greenlight Services and the card plans that are available to consumers and should be reviewed in that regard. Any capitalized terms appearing in this Privacy Policy and not defined herein shall have the meanings ascribed to them in the Terms of Service.  This Privacy Policy is limited to discussing such Greenlight Services to the extent they bear on our information collection and handling practices.

This Privacy Policy describes privacy practices for users of the services described below who are 13 or older. Please see the “CHILDREN’S PRIVACY POLICY” section within this Privacy Policy with respect to privacy practices with regard to children under 13 years of age. User accounts for minors under the age of 18 must be established by a parent or legal guardian.

PERSONAL INFORMATION WE COLLECT AND HOW

We generally collect Personal Information in three ways: (1) information a user provides to us, (2) information we collect automatically, as a digital platform, and (3) information we receive from third parties, as described further below.

Personal Information provided in connection with prepaid card services

When a user visits, uses or otherwise interacts with Greenlight Services, for example, by contacting customer service, you (the user) may sometimes give Personal Information directly to us or to our third-party service providers. In order to create an account to use the Greenlight card, as part of Greenlight Services, you must be 18 years old or older (or a parent or legal guardian if creating an account for a user under 18).  The account creator will provide the following Personal Information to us: account applicant’s full name, email address, street address, phone number, date of birth, and the applicant’s social security number (or, in some cases, only the last 4 digits). This Personal Information is used to verify the applicant’s (known as a “primary accountholder’s”) identity and set up the account. The full name, birth date, email address and (optionally) mobile phone number of individual sub-account users (typically children) or a designee (also known as a “secondary approver”) to help manage the account (often a spouse) is also requested from the applicant to establish such user rights ancillary to the applicant’s account. Designating a sub-account or secondary approver is optional.  The primary accountholder and secondary approver may see all Personal Information of accountholders across the account family (including transaction history).

When an individual requests that an account be created, we ask for the applicant’s date of birth in order to determine whether the applicant is a minor or is 18 years old or older and eligible to set up their own account. If the requestor is younger than 18, we require that the child’s parent or legal guardian complete the account creation process and disclose the minor’s Personal Information to us. See also our “CHILDREN’S PRIVACY POLICY” section below regarding privacy practices with regard to children under 13 years old.

We may invite accountholders from time to time to participate in surveys, sweepstakes, contests and other promotional programs and participation will always be optional. If you decide to participate, you may be asked to provide certain information to enable us to communicate with you about the opportunity, which may include Personal Information. If we make a sweepstakes, contest or other promotional offer available to non-accountholders, we will disclose the Personal Information we collect and why (typically to communicate about the offer) in the offer terms.

To fund the Greenlight card account, in order to use the Greenlight card, we request that the primary accountholder (or secondary approver if one is designated) transfer funds from a bank account, debit card or any other source that may be approved in the future.  The primary accountholder and any secondary approver may also permit the funding of a sub-account with a direct deposit of wages from an employer of the sub-account cardholder (e.g., participating child’s employer), and any primary accountholder can fund their Greenlight account by a transfer from their Invest Account held by DriveWealth (if the primary accountholder is a user of Invest Account Services described further below). DriveWealth is described further below in connection with Invest Account Services. 

When the primary accountholder or secondary approver elect funding by a bank account, we offer the Plaid open banking interface as one alternative to complete your request by inputting your online banking credentials instead of full bank account and routing numbers.   Plaid has its own separate privacy policy that you can click to review on the Plaid enrollment screen when you initially select Plaid to verify your bank account information or you can review Plaid’s privacy policy at the following link: https://plaid.com/legal/#end-user-privacy-policy.  The Plaid services allow Greenlight to (i) verify you own the bank account you elect to use as a funding source, (ii) verify the amount requested is available to fund your Greenlight account, and (iii) complete the transfer of funds to your Greenlight account. In order for this to occur, you consent to allow Plaid to share certain Personal Information with us. That Personal Information includes: the name of the bank account owner(s), the address, phone number(s), and email address(es) associated with the bank account, the account name, type, subtype, and balance, the last 2-4 digits of the account number for verification purposes, and a tokenized account number. We use this Personal Information to verify the bank account owner is the same person as the Greenlight primary accountholder or secondary approver. If you decide not to use the Plaid service to verify your bank account, you will have the option to perform a manual verification of your bank account using the process set forth on the Website (which includes verifying your bank account using small dollar test transactions). 

When the primary accountholder or secondary approver elects funding by debit card, Greenlight uses a third-party merchant acquirer to process your debit card payments.  The merchant acquirer will collect your debit card information including your full name appearing on the face of your debit card, card number, expiration date and CVV through various types of software development kits installed on the Website and Greenlight App, which allow the cardholder data to be collected by the merchant acquirer without being accessible to Greenlight.  The merchant acquirer is expected to maintain such data in compliance with the card network rules and Payment Card Industry – Data Security Standards.  We do not receive Personal Information back from the merchant acquirer about you.

If the primary accountholder enrolls in the Greenlight + Invest Plan or the Greenlight Max Plan, then they will have access to Invest Account Services.  “Invest Account Services” means the investment advisory services provided by Greenlight Advisors, an investment adviser registered with the U.S. Securities and Exchange Commission (“SEC”) and the brokerage services provided by DriveWealth, LLC (“DriveWealth”), an SEC-registered broker-dealer and member of the Financial Industry Regulatory Authority (“FINRA”) and the Securities Investor Protection Corporation (“SIPC”).  If you participate in Invest Account Services, then you consent to Greenlight and CFSB (the issuer of the Greenlight card) or their service providers sharing your Personal Information with DriveWealth in order to verify your identity for DriveWealth’s records and otherwise as necessary to comply with applicable legal requirements.  You also consent to DriveWealth’s delivery of your Personal Information to Greenlight Advisors including, without limitation, information about your brokerage account opened at DriveWealth (your “Invest Account”) such as your Invest Account number, securities positions, market values, transaction histories and balances.  DriveWealth’s Privacy Policy is available at https://legal.drivewealth.com/privacy-policy. Also, in order to participate in Invest Account Services, Greenlight Advisors will collect answers to regulatory questions as well as information about your investment objectives and your risk profile in order to make investment recommendations.

Automatic Collection

Like many digital platforms, Greenlight collects certain information automatically to help us manage, improve and customize our features and functionality. When you use, visit, or otherwise interact with Greenlight Services, we and our third-party service providers may use technology that stores or collects information sent to us by your computer, browser, mobile phone, or other device. This information may include your IP address, unique device identifiers, or other unique identifier; your device functionality, such as the type of browser, operating system, or hardware used; your device location, which may include a street name and city; your activities within Greenlight Services, including the portions of the Website and Greenlight App you access; your email address and mobile phone number; and other information. When you use Greenlight Services, we also collect information about your transactions and your activities using the Greenlight card, including financial and payment information. 

These technologies include “cookies” (small data files, including cookies, pixel tags, and/or other local storage provided by your browser or associated applications) on your computer, browser, mobile phone, or other device. You are free to decline optional cookies if permitted by your computer, browser, mobile phone, or other device, although doing so may affect your use of Greenlight Services.  We use both session cookies, which expire and no longer have any effect when you log out of your account or close your browser, and persistent cookies, which remain on your device until you erase them or they expire.

Information from Third Parties

When you use the Greenlight App, if you are the primary accountholder or secondary approver, we may receive the following information from your wireless operator: your mobile number, name, address, email, unique mobile device identifier and other subscriber details.

In addition to the Personal Information described above that we obtain about you from Plaid, DriveWealth and your wireless operator, we may also obtain information about you from third parties, including, but not limited to, identity verification services or social media platforms when you communicate with us about Greenlight Services via social media, as well as from your friends who may have referred you to use Greenlight Services.

HOW WE RESPOND TO WEB BROWSER “DO NOT TRACK” SIGNALS; OTHER TRACKING

Some web browsers transmit “do not track” signals to websites. Greenlight’s Website and App currently do not take action in response to these signals because it would limit our ability to deliver Greenlight Services and respond to your requests. Except for Greenlight service providers which help deliver Greenlight Services, we do not authorize any third party to track your use of Greenlight Services or track what other activities a user may have engaged in before or after using Greenlight Services (for example, using a different application or website).

HOW WE USE PERSONAL INFORMATION

We may use your Personal Information for one or more of the following purposes:

  • create, fund, maintain, customize, and secure your Greenlight card account with us;

  • process and analyze account transactions and payments, notify you about them, and audit them if needed;

  • provide Greenlight Services and customer support to you; 

  • deliver service update notices and promotional offers, answer questions and respond to your requests, and otherwise to communicate with you;

  • maintain the security and integrity of Greenlight Services, our technology, assets and business; 

  • engage in detection and prevention of fraud or other illegal activities and debugging;

  • if you participate in Invest Account Services, make investment recommendations for you;

  • if you participate in Invest Account Services, open an Invest Account with DriveWealth in your name and at your direction;

  • display your DriveWealth Invest Account information such as securities positions, market values, transaction histories and balances on the Greenlight Application;

  • enforce our Terms of Service and the Cardholder Agreement, including to prevent potential breaches;

  • respond to law enforcement requests and as required by applicable law, court order, or governmental regulations;

  • if required by applicable law, perform identity verification on our own behalf and on behalf of the bank that issues the Greenlight card (CFSB) and the broker dealer for the Invest Account (DriveWealth);

  • test, personalize, develop and improve Greenlight Services, including to create new analytics, algorithms, or other tools, so we can better cater to your interests;

  • lock and unlock your Greenlight card;

  • market our products and services to you, including by presenting tailored content, and  features notices through our Website, third-party sites, in-App notifications, emails or text messages (with your consent, where required by law); and

  • evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Information held by us about our users, online visitors, business contacts or employees is among the assets transferred.

HOW WE SHARE PERSONAL INFORMATION

The Greenlight card is issued by CFSB.  As the card issuer, CFSB has a direct contractual relationship with each primary accountholder through the cardholder agreement that accompanies the prepaid account and each Greenlight card.  CFSB engages Greenlight as a service provider in its capacity as the program manager for the Greenlight card program responsible for marketing, distribution and operation of the Greenlight card program.  As CFSB’s agent for purposes of performing identity verification on primary accountholders and other operational services, Greenlight shares Personal Information it collects on behalf of CFSB with CFSB in order to enable CFSB  to issue a prepaid account to the primary accountholder and to issue Greenlight cards to any sub-accounts they designate (e.g., children). CFSB’s privacy policy is available at https://www.cfsb.com/wp-content/uploads/2021/05/cfsb-privacy-notice-5-21.2.pdf.  

Greenlight may also share Personal Information with third parties, as follows:

  • Service Providers. We engage with select service providers who provide services to support our operations such as: open banking interface providers (like Plaid); payment processors (including merchant acquirers and automated clearinghouse (ACH) payment processors); broker dealers (like DriveWealth); insurance providers for mobile phone protection and purchase protection ; identity verification services; cloud hosting providers (like AWS); marketing vendors such as email distribution providers, and other service providers. A number of these service providers are described in more detail above under “PERSONAL INFORMATION WE COLLECT AND HOW.”

  • Certain Mobile Carriers. If you access Greenlight Services via a mobile device, your device may transmit your request via your mobile carrier’s network and your carrier may have access to any information that is transmitted. You should consult your carrier’s privacy policy for additional information.

  • Other Parties. As further described in “HOW WE USE PERSONAL INFORMATION” above, we may share your information when we have reason to believe that disclosing the information is necessary to prevent fraud, damage to person or property, protect and secure our business, assets, user accounts or enforce legal rights or comply with subpoena, court order, legal process or obligations. We reserve the right to disclose any Personal Information as needed if that information is requested by law enforcement agencies or if we are required to do so by law or court order.

  • Successor Entities. We reserve the future right to disclose or transfer your Personal Information to a successor entity in the event of a corporate merger, consolidation, sale of assets or other corporate changes respecting Greenlight.

Please be aware that users of Greenlight Services may themselves disclose Personal Information to other members of their account family or to app stores in connection with downloads as follows:

  • A sub-account cardholder’s Personal Information, including but not limited to, established spending parameters, pending transactions, approved purchases, and transaction history, will be shared with the linked primary accountholder and with their secondary approver to manage the account, if any, who can access the information from the sub-account dashboard in the Greenlight App.

  • The first and last name, or any designated account name, of the primary accountholder and sub-account cardholders are known to one another and used to communicate between the accounts (e.g., sub-account cardholder sends request to primary accountholder to add more funds to the sub-account). In other words, individual users within an “account family” may also disclose their Personal Information to one another while using Greenlight Services.

  • When a user of Greenlight Services downloads the Greenlight App from Apple®, Google® or any other third party platform from which it may become available, the user provides certain Personal Information to the third-party platform in order to complete the download, and as may be necessary to receive updates to the Application through the platform, according to the platform’s separate privacy policy and terms.

YOUR RIGHTS AND CHOICES

Greenlight maintains the preferences the primary accountholder has provided to us regarding the use, collection, and sharing of Personal Information, including how we may contact you.

  • Marketing Preferences. Each recipient of our marketing emails may unsubscribe from the emails from within each marketing email, but please note that you may continue to receive emails with Greenlight account-related information, even if you opt-out of marketing emails.

  • Account Information. The primary accountholder and any secondary approver they designate to oversee the account and any sub-accounts linked to the primary account have access to information about sub-accounts unless and until a subaccount is closed. However, one sub-account cannot see information in another sub-account.

  • Update Your Information. Personal Information of accountholders can be reviewed and edited at any time by logging in to the primary account and reviewing the account settings and profile across the family of accounts (meaning all accounts linked to the primary account). It is the primary accountholder’s responsibility to make sure that Personal Information of users in the account family is accurate across the primary account and linked sub-accounts.   The primary accountholder should promptly update your account family’s Personal Information on the Greenlight App if your Personal Information changes or becomes inaccurate.

  • Closing Account(s). The primary accountholder can close the primary account or any sub-account by calling Greenlight Customer Service at 1-888-483-2645. If they close an account, the account will no longer be accessible to the accountholder and we will mark the account in our database as “Closed,” but may retain Personal Information from the account to collect any fees owed, resolve disputes, troubleshoot problems, assist with any investigations, prevent fraud, enforce the Cardholder Agreement and Terms of Service, or take other actions as required or permitted by law.

  • Deletion of Personal Information. If you request us to delete your account information, we will delete as much information as we are legally permitted.  Due to regulatory recordkeeping obligations, we may be unable to delete all information associated with a closed account and may be required to retain information related to each accountholder and their Greenlight card account and their Invest Account in order to comply with applicable law.

  • Opt-Out Rights. We make the opt out rights available to California residents appearing in the “YOUR CALIFORNIA PRIVACY RIGHTS” section of this Privacy Policy available to other individuals in the U.S. on the same basis as California residents.

SECURITY

Greenlight’s Information Security Program is managed by dedicated information security personnel with commercially reasonable information security measures to protect your Personal Information against loss, misuse, and unauthorized access. These measures include, but are not limited to, data encryption, cyber threat detection, and internal access controls. We regularly have our Information Security Program assessed and validated by independent security audit experts. We use reasonable administrative, technical, and physical security measures to protect Personal Information we collect against loss, misuse, and unauthorized access. You and your linked sub-account cardholders are responsible for maintaining the security of your user names and passwords used to access Greenlight Services.

CHILDREN’S PRIVACY POLICY

At Greenlight, it’s our privilege to help parents raise financially-smart kids, and we take our responsibility to your children seriously. This “CHILDREN’S PRIVACY POLICY” explains our collection, use and parental consent practices in connection with Personal Information of children under 13 in accordance with the Children’s Online Privacy Protection Act or COPPA. This “CHILDREN’S PRIVACY POLICY” uses defined terms from the rest of our Privacy Policy, of which it forms a part.

The Information We Collect, How We Use It, and How and When We Communicate with Parents

During the registration process to create a primary account for use of Greenlight Services, regardless of whether registration occurs on the Website or on the Greenlight App, we first ask the individual attempting to register for their mobile phone number, whether they are a parent/guardian or a child, then we ask the individual for their date of birth.  If the date of birth indicates that the individual is a child younger than 13, then the child receives a message indicating that the child will need a parent or guardian to create an account, and the child is shown a message to tell their parent or guardian about Greenlight and have their parent sign up at the Website or download the Greenlight App.  In addition, the registration session ends for that individual, we do not retain the mobile phone number or birthdate information and no further registration information is collected.  If the individual is 13 years or older but younger than 18, then we will request the minor to provide a first and last name, an email address and password, and a parent’s cell phone number so that we can provide the parent with information about how to download the Greenlight App and finish registering an account. 

We request, via digital consent during the registration process, that the parent or legal guardian establishing sub-accounts represent that they are the parent or legal guardian of minors under the age of 13 for whom the account is established and that they consent to our collection and use of the child’s Personal Information in accordance with this “CHILDREN’S PRIVACY POLICY” section of our Privacy Policy.

When a parent or legal guardian decides to add a child as a sub-account, they provide us with the first and last name, and mobile phone number, if any, of a child under 13 in order to establish the child as a sub-account cardholder. The child is then invited to download the Greenlight App from the Apple® App Store or Google® Play and, upon doing so, are requested to enter an email address, password, date of birth and preferred pronoun.  Once a child under 13 starts using the Greenlight App, we collect and maintain transaction data and history from our prepaid card services and Invest Account Services for all accounts in order to provide Greenlight Services to them.

Parents and legal guardians can access Personal Information of a child under 13 at their own election from the account family’s dashboard, as described in more detail immediately below.

When Information is Available to Others

Members of Account Family. Parents or legal guardians, as primary accountholders, and any secondary approver can see the name, user name, preferred pronoun, email address, mobile phone number, and birth date of their sub-account cardholders as part of the account family dashboard. They also have access to all transaction details in their sub-accounts (such as purchase history details and Invest Account trade details). Sub-accounts cannot see one another’s data (including Personal Information); data relating to sub-accounts is only visible to that account’s sub-account cardholder, the primary accountholder that designated the sub-account, and the secondary approver (if any) designated by the primary accountholder.

Card Issuer.   The primary accountholder provides Community Federal Savings Bank, as card issuer, with access to their child’s Personal Information in order to issue a prepaid account to any sub-account cardholder (e.g., children) designated by the primary accountholder. Community Federal Savings Bank’s privacy policy is available at https://www.cfsb.com/wp-content/uploads/2021/05/cfsb-privacy-notice-5-21.2.pdf.  

Service Providers. In order to provide requested Greenlight Services, Greenlight may also share a child’s Personal Information, as necessary to perform Greenlight Services, with select service providers who provide services to support our operations such as: card manufacturing and fulfillment providers; insurance providers for mobile phone protection and purchase protection; cloud hosting providers (like AWS); email distribution providers; and other service providers. A number of these service providers are described in more detail above under “PERSONAL INFORMATION WE COLLECT AND HOW.”

Certain Mobile Carriers. If a child accesses Greenlight Services via a mobile device, the child’s device may transmit the request via the mobile carrier’s network and the carrier may have access to any information that is transmitted. You should consult the carrier’s privacy policy for additional information.

Legal Requirements and Fraud Protection.  We may share a child’s Personal Information when we have reason to believe that disclosing the information is necessary to prevent fraud, damage to person or property, protect and secure our business, assets, user accounts or enforce legal rights or comply with subpoena, court order, legal process or obligations. We reserve the right to disclose any Personal Information as needed if that information is requested by law enforcement agencies or if we are required to do so by law or court order.

Parental Choices and Controls

The primary accountholder can update or change Personal Information of a child at any time through the account settings.

At any time, a primary accountholder can refuse to permit us to collect further Personal Information of a child by closing that sub-account by calling Greenlight Customer Service at 1-888-483-2645. If you close an account, we will mark the account in our database as “Closed,” but may retain Personal Information from the account to deactivate the account with our service providers, allow the primary accountholder to reactivate the Greenlight account for some period in the future, collect any fees owed, resolve disputes, troubleshoot problems, assist with any investigations, prevent fraud, enforce the Cardholder Agreement and Terms of Service, or take other actions as required or permitted by law.

If you request us to delete your child’s sub-account information, we will delete as much information as we are legally permitted.  Due to regulatory recordkeeping obligations, we may be unable to delete all information associated with a closed sub-account and may be required to retain information related to each sub-account cardholder, their Greenlight card account and their Invest Account in order to comply with applicable law.  We will not share any individual trading data unless required by regulators or other governmental authorities, to support processing of settlement of your transactions, or in accordance with applicable laws or legal process.

Parents of children under 13 who are California residents may have additional rights to “know” and “delete” Personal Information of their children.  Please refer to “YOUR CALIFORNIA PRIVACY RIGHTS” section below.

NOTICE TO RESIDENTS OF OUTSIDE UNITED STATES

We are headquartered in the United States and currently Greenlight Services are only intended for residents of the United States. If you are located outside of the United States, be advised that any Personal Information you provide to us will be transferred to and stored in the United States and that, by submitting information to us, you explicitly authorize its transfer and storage within the United States. We reserve the right to use service providers in the United States and elsewhere as necessary to deliver Greenlight Services. We will protect the privacy and security of Personal Information according to this Privacy Policy regardless of where it is processed or stored.

CHANGES TO PRIVACY POLICY

Greenlight reserves the right to modify this Privacy Policy at any time and may apply changes to previously collected information, as permitted by applicable law. From time to time, we may change or update this Privacy Policy and will give notice of material changes as required by applicable law. We encourage you to review this Privacy Policy from time to time for any updates. You acknowledge and agree that we may notify you about any material changes in the way we treat Personal Information by giving you notice through Greenlight Services, including by posting an updated version of this Privacy Policy on the Website. Your continued use of Greenlight Services after any such notice shall constitute your acceptance of such changes. If you do not agree with any such changes, please stop using Greenlight Services.

CONTACT US

If you have questions about this Privacy Policy or our information practices, please contact us by email at info@greenlight.com or call 1-888-483-2645.

YOUR CALIFORNIA PRIVACY RIGHTS

The information included in this section applies to residents of California. 

For “Do Not Sell My Personal Information” requests, please complete the webform at https://greenlight.com/data-request.

If you have questions about this Privacy Policy, including anything in this section for California residents, or would like a printed copy of this Privacy Policy, please contact us at 1-888-483-2645 or by email to CAPrivacy@greenlight.com. If you would like to print a copy of this Privacy Policy, please select the “Print” button in your web browser.

Notice of Collection and Use of Personal Information

For details on the Personal Information we have collected about California residents in the last 12 months, the sources of that information, our business or commercial purposes for collecting that information, and the third parties with whom we shared that information, please refer to the corresponding sections of this Privacy Policy as follows:

  • See PERSONAL INFORMATION WE COLLECT AND HOW” for the categories of Personal Information collected and specific examples, sources from which, and how, we collected Personal Information

  • See “HOW WE USE PERSONAL INFORMATION” for our business or commercial purposes for collecting Personal Information

  • This section applies to California residents of all ages, but please also see “CHILDREN’S PRIVACY POLICY” for a more detailed description of how we handle Personal Information of children under 13 years old generally

Categories of Personal Information Collected

In particular, as part of Greenlight Services, we have collected the following categories of Personal Information from or about California residents who are primary accountholders or secondary approvers within the last twelve (12) months:

  • Identifiers.  See “PERSONAL INFORMATION WE COLLECT AND HOW” for a description of the Identifiers that we have collected from California residents. 

  • Personal information described in California Customer Records Statute.  See “PERSONAL INFORMATION WE COLLECT AND HOW” for a description of items such as bank account numbers and debit card numbers used as funding sources for Greenlight accounts, that we have collected from California residents.

  • Protected classification characteristics under California or federal law.  See “PERSONAL INFORMATION WE COLLECT AND HOW” for a description of items such as age and gender, that we have collected from California residents.

  • Commercial information. See “PERSONAL INFORMATION WE COLLECT AND HOW” for a description of commercial information that we have collected from California residents. 

  • Internet or other similar network activity.  See “PERSONAL INFORMATION WE COLLECT AND HOW” for a description of these items that we have collected from California residents.

  • Inferences drawn from other Personal Information. Greenlight may draw inferences about your preferences and future activities from the information above.

We will not collect additional categories of Personal Information or use the Personal Information we collected for materially different, unrelated, or incompatible purposes without providing you notice.

How We Disclose or Sell Personal Information 

The following describes how we disclose, or share, information to third parties and the limited cases in which it may be considered a “sale” based on the California Consumer Privacy Act’s (“CCPA’s”) broad definition of the word “sale.”

  • See “HOW WE SHARE PERSONAL INFORMATION” for third parties with whom we disclose Personal Information.

  • We do not sell your Personal Information in exchange for money. However, we share Personal Information with certain third parties for our own marketing purposes which, under California’s privacy laws, may be considered a “sale.”  We may share the following categories of Personal Information with third parties for marketing purposes: your full name, date of birth, gender, postal address, email address, phone number, and Internet Protocol (IP) address.

  • We do not knowingly “sell” the Personal Information of minors under 18.

Your CCPA Rights and How to Exercise Them

If you are a California resident, you have certain rights, pursuant to the CCPA. These CCPA rights may only apply in certain circumstances and are subject to certain exemptions. Please see the information below for a summary of your rights, how to exercise your rights and the information we require in order to respond to your requests. Please note that we may ask for certain information to verify the request in accordance with applicable law.  In the event that you are a child under 18, we may request that your parent or legal guardian exercise these rights on your behalf as indicated below. 

  • Right to Know or Access. You have the right to request that we disclose the categories of Personal Information we collected, used, disclosed and/or sold about you in the last 12 months.  You also have the right to request access to the Personal Information (specific to you) that we collected, used, disclosed, and/or sold about you in the last 12 months.  To exercise your right to know or access, please contact us to submit your request by email at caprivacy@greenlight.com. You will be required to provide certain information which we will use to verify you and your request.  If you are an accountholder under age 18, your parent or legal guardian must submit your request on your behalf.  Non-accountholders under the age of 13 must also have a parent or legal guardian submit the request on your behalf.

  • Right to Delete. You have the right to delete Personal Information that we collect or maintain about you, but we likely will be unable to further provide Greenlight Services provided through an account (like the Greenlight card or Invest Account Services) to you if you exercise this right. To request deletion of your information, please contact us to submit your request by email at caprivacy@greenlight.com or by mail at Greenlight Financial Technology, Inc., 303 Peachtree St, NE, Suite 4300, Atlanta, GA 30308, Attn: CA - Personal Information Deletion. You will be required to provide certain information which we will use to verify you and your request. Please note that certain exceptions apply to this right, such as when we retain your information to comply with law, or to complete the transaction for which the Personal Information was collected, or to detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity; or prosecute those responsible for that activity. We will notify you of any such exceptions as applicable to your request. If you are an accountholder under age 18, your parent or legal guardian must submit your request on your behalf.  Non-accountholders under the age of 13 must also have a parent or legal guardian submit the request on your behalf.

  • Right to Opt-Out of Sale.  We do not sell your Personal Information for money. However, to be able to offer Greenlight Services, we may share Personal Information of users who are 18 or older in a manner that could be considered a “sale” in California. Under California’s privacy laws, certain marketing activities may be considered a “sale” of Personal Information based on a broad definition of the word “sell.” We do not “sell” Personal Information for minors under 18.

If you are a California resident, 18 or older, you have the right to opt out from the “sale” of Personal Information. We also provide this right to Opt-Out of Sale to residents of other States. If you would like to exercise this right, you may use the “Do Not Sell My Personal Information” link on www.greenlight.com (also linked here: https://greenlight.com/data-request) to submit the request. You may also submit your request by email at caprivacy@greenlight.com.

  • Right to Non-Discrimination. You have the right not to receive discriminatory treatment by us for the exercise of any of your CCPA rights.

  • Right to an Authorized Agent. You can exercise your CCPA rights yourself or you can designate an authorized agent to make a request on your behalf. Your authorized agent must be able to demonstrate authority to act on your behalf as further instructed when submitting a verifiable request. 

Third-Party Marketing Disclosure

Under California Civil Code Section 1798.83 (the “Shine the Light” law), California residents with whom we have a business relationship can request certain information regarding what types of Personal Information, if any, we shared with third parties for the direct marketing purposes of the third parties and the identities of the third parties with whom the business has shared such information in the immediately preceding 12 months. You may request this information by contacting us using the contact information at the top of this “YOUR CALIFORNIA PRIVACY RIGHTS” section or contact us.

NOTICE TO NEVADA RESIDENTS

We do not exchange your Personal Information for money with anyone so that they can license or sell the Personal Information to additional parties.

Stay in touch:

© 2021 Greenlight Financial Technology, Inc. Patents Pending. The Greenlight card is issued by Community Federal Savings Bank, member FDIC, pursuant to license by Mastercard International.

© 2021 Greenlight Investment Advisors, LLC (GIA), an SEC Registered Investment Advisor provides investment advisory services to its clients. Investing involves risk and may include the loss of capital.

The reference to SEC registration does not imply that the SEC has endorsed or approved the qualifications of GIA or its respective representatives to provide any investment services described on this site or that GIA has attained a level of skill or training.