We collect information about you in a variety of contexts. For example, we may collect information:

• Directly from you. We and others on our behalf may collect information directly from you, such as when you apply or register for our products and services, use our online banking services or mobile apps, communicate with us, respond to surveys, provide feedback, or enter contests or promotions.
• Automatically when you use our Online Services. We and others on our behalf may collect Device Data, Online/Mobile Activity Data, and other information automatically when you interact with us online. Learn more about our use of Online Tracking Technologies.

This Privacy Policy applies to information we collect when you use our Online Services. We may combine that information with information we collect in other contexts, such as from our phone calls and emails with you, from third-party data sources for fraud prevention, identity verification, or marketing purposes, from our co-branded card or business partners, and from publicly available data sources. We will treat such combined information in accordance with this Privacy Policy.

Depending on how you interact online with us, we may collect various types of information about you. For example, we may collect:

• Contact or identity data, such as your name, mailing address, email address, phone number, date of birth, government-issued identifier (e.g., Social Security number, tax ID number, driver’s license, or other government ID), citizenship, business contact and professional information, username and password, profile picture, and other information that directly identifies you.
• Account data, such as account number, credit/debit card number, account history, account balances, loan details, vehicle or property information, information about beneficiaries and joint account holders, business-related information (e.g., business name, address, revenue, and industry type), information you provide when using our travel, entertainment, or dining services (e.g., dietary, seating, or other preferences), and other information related to your Capital One accounts, applications, or prequalification inquiries.
• Transaction data, such as credit/debit card purchases, payment or transaction history, transaction details when you transfer money to or from your Capital One accounts, third-party billing information or statements, payment card details, and information about flights, hotels, events, and other reservations booked through our travel, entertainment, or dining services.
• Credit report information, such as your credit score, credit history, and other information that we receive from credit reporting agencies when you use our Creditwise features or mobile app.
• Demographic data, such as gender, marital status, age, household size/composition, education information, income, occupation, veteran or military status, and employment status.

When you use or interact with our Online Services, including, for example, when you browse our website or use our mobile apps, we may also collect:

• Device data, such as your device type, web browser type and version, operating system type and version, display/screen settings, language preferences, device contacts (e.g., to facilitate Zelle payments), photos (e.g., to deposit checks), internet protocol address, mobile network information, general location (e.g., city, state, or country), precise location (e.g., latitude/longitude to find a nearby Capital One branch, café, or ATM), cookie IDs, device IDs, mobile advertising IDs (e.g., Apple’s IDFA or Google’s Advertising ID), and likely connections among different browsers and devices that you use (collectively, “Device Data”).
• Online/mobile activity data, such as login data, search history, information about how you use and interact with our Online Services or advertising (including content viewed, links clicked, and features used), when and how often you use our Online Services, the webpage from which you clicked a link to come to our Online Services (e.g., the referrer URL), and crash reports (collectively, “Online/Mobile Activity Data”).
• Marketing data, such as your marketing preferences, information about products or services we think you might like, and inferences based on your interactions with us or our partners (e.g., Online/Mobile Activity Data used for targeted advertising).
• Communications data, such as your communication preferences and details or the content of your communications with us (e.g., chat messages).
• Survey and research data, such as your responses to questionnaires, surveys, requests for feedback, and research activities.

If you inquire about or apply for a job at Capital One using our Online Services, we may also collect:

• Employment application data, such as professional, employment-related, and education history collected through the Online Services about job applicants, employees, associates, contractors, or other members of the Capital One workforce.

If you disclose any information relating to other people to us or to our service providers when you visit or use the Online Services, you represent that you have the authority to do so and to permit us to use the information in accordance with this Privacy Policy.

We use information for various purposes depending on how you interact with us. For example, we may use information about you for the purposes described below:

• Providing our products and services, such as enabling you to apply for and obtain Capital One products or services, evaluating your application or eligibility for a Capital One product or service, servicing and managing your accounts, providing customer service or support, communicating with you, and providing online tools and features.
• Processing transactions and payments, such as transferring funds between accounts, processing payments or transactions, fulfilling orders, and conducting settlement, billing, processing, clearing, or reconciliation activities, and helping you book flights, hotels, events, and other reservations through our travel, entertainment, or dining services.
• Verifying your identity, such as conducting identity verification when you apply for our products or services, authenticating your login credentials, verifying your location to allow access to your accounts, and storing security questions for subsequent verification online or over the phone.
• Detecting and preventing fraud, such as determining fraud risk and identifying fraudulent transactions.
• Protecting against security risks, such as monitoring network activity logs, detecting security incidents, conducting data security investigations, and otherwise protecting against malicious, deceptive, fraudulent, or illegal activity.
• Advertising and marketing, such as sending you offers for special products and services via mail, email, or text message, displaying online advertising, targeting our offers or promotions, providing sweepstakes, conducting market research, and evaluating or improving the effectiveness of our marketing efforts. Learn more about how we use online tracking technology.
• Conducting analytics and research, such as examining which parts of our website you visit or which aspects of our mobile apps you find most useful, evaluating user interface and experiences, testing features or functionality, performing debugging and error repair, and analyzing the use of our Online Services. Learn more about how we use online tracking technology.
• Improving our products and services, such as personalizing and optimizing your website and mobile experiences, recognizing you across different browsers and devices you use, improving existing products and services, and developing new products and services.
• Carrying out legal and business purposes, such as complying with applicable laws, responding to civil, criminal, or regulatory lawsuits, subpoenas, or investigations, exercising our rights or defending against legal claims (including for collections and recoveries on past-due accounts), resolving complaints and disputes, performing compliance activities, analyzing credit risk, conducting credit reporting activities, regulatory reporting, performing institutional risk control, conducting human resources activities, and otherwise operating, managing, and maintaining our business.
• Creating aggregated and de-identified information, such as using or modifying the information described in this Privacy Policy in a manner that does not allow us to reasonably identify you. For example, we may compile aggregated statistics to understand trends or to research the percentage of users accessing a specific website feature. Information that has been aggregated and de-identified is no longer subject to this Privacy Policy.

We share information in a variety of contexts. For example, we may share information about you with:

• Affiliates. We may share information with companies in the Capital One family.
• Business partners. We may share information with companies that we have partnered with to offer or enhance products and services for Capital One customers or prospective customers. For example, we may share information with co-branded credit card partners, joint marketing partners, bill pay partners, or retail partners that allow you to redeem credit card rewards.
• Marketing partners. We may allow companies to collect information through our Online Services in order to provide marketing services to us, including to target advertising to you based on personal information collected across different websites, mobile apps, and devices over time.  Learn more about how we use online tracking technology to conduct personalization, analytics, and targeted advertising, and how you can opt out.
• Service providers. We use other companies to provide services on our behalf and to help us run our business. We may share information with these service providers, or they may collect information on our behalf, for various business purposes. For example, we use service providers for hosting and securing our information systems, servicing customer accounts, detecting and preventing fraud, assisting with human resources activities, communicating with our customers, and analyzing and improving our Online Services.
• Other third parties with your consent or as necessary to provide our products and services. We share information with your consent or at your direction, such as when you ask us to share information with a money management app to track your financesor to share financing details with an auto dealer when shopping for a car. We also may share information with third parties to provide products and services that you request, such as with merchants that are authorizing Capital One credit card transactions, with travel, entertainment, or restaurant providers when you transfer funds or send money to friends and family via Zelle, and with third-party payment processors (such as Paypal or Stripe) when you make payment on our Online Services.
• Credit bureaus. We share information with credit reporting agencies, such as Experian, Transunion, and Equifax, to report on or learn about your financial history and for other lawful purposes.
• Government entities and others with whom we share information for legal or necessary purposes. We share information with government entities and others for legal and necessary purposes, such as:
  • To respond to requests from our regulators or to respond to a warrant, subpoena, governmental audit or investigation, law enforcement request, legal order, or other legal process.
  • In connection with a proposed or actual sale, merger, transfer, aquisition, bankruptcy, or other disposition of some or all of our assets, in which case we may share information with relevant third parties.
  • For other legal purposes, such as to enforce our terms and conditions, exercise or defend legal claims, comply with applicable laws, or if we determine that disclosure is necessary or appropriate to protect the life, safety, or property of our customers, ourselves, or others.

We may share aggregated and de-identified information (such as aggregated statistics regarding the use of our financial products and services) with third parties for any purpose.

Our U.S. Consumer Privacy Notice provides additional information about how we share information we obtain when offering financial products and services for personal, family, or household use.

We and third-party providers acting on our behalf use a variety of online tools and technologies to collect information when you visit or use the Online Services, including Device Data and Mobile/Online Activity Data. For example, we use these tools to collect information for debugging, fraud prevention, session management, and other necessary purposes. We also use these to conduct personalization, analytics, and targeted advertising on or through the Online Services. We may associate this tracking data with your Capital One account (if you have one).

These tools include:

• Server logs. Server logs automatically record information and details about your online interactions with us. For example, server logs may record information about your visit to our website on a particular time and day.
• Cookies. Cookies are small text files that a website’s server stores in your web browser. Cookies allow companies to recognize your device and store information about your account and preferences. For example, we may use cookies to store information about pages visited on our sites, language preferences, your relationship with us, or other information that we have associated with you or your device. You may be able to manage cookies on your device.
• Pixel tags. A pixel tag (also known as a web beacon, clear GIF, pixel, or tag) is an image or a small string of code that may be placed in a website, advertisement, or email. It allows companies to set or read cookies or transfer information to their servers when you load a webpage or interact with online content. For example, we or our service providers may use pixel tags to determine whether you have interacted with a specific part of our website, viewed a particular advertisement, or opened a specific email.
• SDKs and mobile advertising IDs. Our mobile applications may include third-party software development kits (“SDKs”) that allow us and our service providers to collect information about your mobile app activity. In addition, some mobile devices come with a resettable advertising ID (such as Apple’s IDFA and Google’s Advertising ID) that, like cookies and pixel tags, allow us and our service providers to identify your mobile device over time for advertising purposes.
• Third-party plugins. Our Online Services may include plugins from other companies, including social media companies (e.g., the Facebook “Like” button). These plugins may collect information, such as information about the pages you visit, and share it with the company that created the plugin even if you do not click on the plugin. These third-party plugins are governed by the privacy policies and terms of the companies that created them.

We and third-party providers acting on our behalf use online tracking technology to conduct personalization, analytics, and targeted advertising on or through the Online Services.

• Personalization. Capital One may customize content and advertisements for our products and services on our own and third-party websites and mobile apps. In order to make the content and advertising as informative and useful as possible, we may use the information we collect about you online, alone or in combination with information about your relationship with us (such as types of accounts, transactional information, or the state in which you bank). We also use online tracking technologies to recognize your computer or device when you’re logged in, enable enhanced features or functionality, improve usability, and otherwise provide the Online Services to you.
• Analytics. We and our third-party providers use online tracking technologies to engage in data analytics, auditing, measurement, research, reporting, and debugging on our Online Services and to measure the effectiveness of our advertising. For example, we use Google Analytics on our Online Services for such purposes. You can learn more about Google Analytics here and opt out here.

• Targeted advertising. We and our third-party providers may collect information about your activities on our Online Services and across different websites, mobile apps, and devices over time for targeted advertising purposes. These providers may then show you ads, including across the internet and mobile apps, and other devices, based in part on the information they have collected or that we have shared with them.

  For example, when you visit the Capital One website and explore our products, our advertising providers may use that information to determine which ads to show you when you go to other, non-Capital One websites. Similarly, when you view a Capital One ad on your computer, our advertising providers may use that information when deciding whether to show you a subsequent ad on your laptop or mobile device. For more information about targeted advertising, please see the Network Advertising Initiative’s (NAI) Understanding Online Advertising page.

  You may opt out of certain targeted advertising, as discussed below.