California Consumer Privacy Act Disclosure

Effective Date: January 1, 2020

Updated last:

Applicability

This California Consumer Privacy Act Disclosure explains how Synovus Bank and its corporate affiliates (collectively “Synovus,” “we” or “us”) collect, use, and disclose personal information relating to California residents covered by the California Consumer Privacy Act of 2018 (“CCPA”). This notice is provided pursuant to the CCPA.

Introduction

Under the CCPA, ‘Personal Information’ is information that identifies, relates to, or could reasonably be linked directly or indirectly with a particular California resident. The CCPA, however, does not apply to certain personal information subject to privacy laws, such as Gramm-Leach-Bliley Act (GLBA), Fair Credit Reporting Act (FCRA) or Health Insurance Portability and Accountability Act (HIPAA).

The specific Personal Information that we collect, use, and disclose relating to a California resident covered by the CCPA will vary based on our relationship or interaction with that individual. For example, this Disclosure does not apply with respect to information that we collect about California residents who apply for or obtain our financial products and services for personal, family, or household purposes. For more information about how we collect, disclose, and secure information relating to these customers, please refer to our Synovus Privacy Notice, Synovus Digital Privacy Statement and our Safety and Security Page.

Collection and Disclosure of Personal Information

In the past 12 months, we may have collected and disclosed to third parties for our business purposes, the following categories of Personal Information relating to California residents covered by this disclosure:

  • identifiers, such as name and government-issued identifier (e.g., Social Security number, driver’s license number, and passport number);
  • personal information, as defined in the California safeguards law, such as contact information and financial information;
  • characteristics of protected classifications under California or federal law, such as sex and marital status;
  • commercial information, such as transaction information and purchase history;
  • biometric information, such as fingerprints;
  • internet or network activity information, such as browsing history and interactions with our website;
  • geolocation data, such as device location and Internet Protocol (IP) location;
  • audio, electronic, visual and similar information, such as call and video recordings;
  • professional or employment-related information, such as work history and prior employer;
  • education information, such as student records and directory information; and
  • inferences drawn from any of the Personal Information listed above to create a profile about, for example, an individual’s preferences and characteristics.

Use of Personal Information

In the past 12 months, we may have used Personal Information relating to California residents to operate, manage, and maintain our business, to provide our products and services, and to accomplish our business purposes and objectives, including the following:

  • Performing services, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing advertising or marketing services, providing analytic services, or providing similar services
  • Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity
  • Short-term, transient use where the information is not disclosed to a third party and is not used to build a profile or otherwise alter an individual consumer’s experience outside the current interaction, including, but not limited to, the contextual customization of ads shown as part of the same interaction
  • Auditing related to a current interaction and concurrent transactions, including, but not limited to, counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with this specification and other standards
  • Undertaking activities to verify or maintain the quality or safety of a service controlled by us, and to improve, upgrade, or enhance the service controlled by the business
  • Debugging to identify and repair errors that impair existing intended functionality
  • Undertaking internal research for technological development and demonstration
  • Complying with laws and regulations and to comply with other legal process and law enforcement requirements (including any internal policy based on or reflecting legal or regulatory guidance, codes or opinions)

Sale of Personal Information

In the past 12 months, we have not “sold” Personal Information subject to the CCPA. We do not and will not sell your personal information. For purposes of this Disclosure, “sold” means the disclosure of Personal Information to a third-party for monetary or other valuable consideration.

Rights under the CCPA

If you are a California resident, you have the right to:

  1. Request we disclose to you free of charge the following information covering the 12 months preceding your request:
    1. the categories of Personal Information about you that we collected;
    2. the categories of sources from which the Personal Information was collected;
    3. the business or commercial purpose for collecting Personal Information about you;
    4. our business or commercial purpose for disclosing the categories of personal information about you;
    5. the categories of personal information that we disclosed about you for a business or commercial purpose
    6. the categories of third parties to whom we disclosed Personal Information about you and the categories of Personal Information that was disclosed (if applicable); and
    7. the specific pieces of Personal Information we collected about you.
  2. Request we delete Personal Information we collected from you; and
  3. Be free from unlawful discrimination for exercising your rights under the CCPA

We will acknowledge receipt of your request and advise you how long we expect it will take to respond if we are able to verify your identity. Requests for specific pieces of Personal Information will require additional information to verify your identity.

If you submit a request on behalf of another person, we may require proof of authorization and verification of identity directly from the person for whom you are submitting a request.

In some instances, we may not be able to honor your request. For example, we will not honor your request if we cannot verify your identity or if we cannot verify that you have the authority to make a request on behalf of another individual. Additionally, we will not honor your request where an exception applies, such as where the disclosure of Personal Information would adversely affect the rights and freedoms of another consumer or where the Personal Information that we maintain about you is not subject to the CCPA’s access or deletion rights.

We will advise you in our response if we are not able to honor your request. We will not provide social security numbers, driver’s license numbers or government issued identification numbers, financial account numbers, health care or medical identification numbers, account passwords or security questions and answers, or any specific pieces of information if the disclosure presents the possibility of unauthorized access that could result in identity theft or fraud or unreasonable risk to data or systems and network security.

We will work to process all verified requests within 45 days pursuant to the CCPA. If we need an extension for up to an additional 45 days in order to process your request, we will provide you with an explanation for the delay.

How to Exercise Your Rights

If you are a California resident, you may submit a request by:

  1. Contacting us using our toll-free number: 1-888-SYNOVUS (1-888-796-6887)
  2. Submitting a request using our webform at: Synovus Privacy Request

Questions or Concerns

For further information about this disclosure or our practices, please call 1-888-SYNOVUS (1-888-796-6887).

Change Notice

Synovus may change or update this Disclosure from time to time. When we do, we will post the revised Disclosure on this page with a new revision date.