Synovus® Bank Digital Privacy Statement

Effective Date: May 25, 2022

This Digital Privacy Statement (“Privacy Statement”) applies to information that Synovus Bank on behalf of itself and its corporate affiliates (collectively “Synovus,” “we” or “us”) collects on www.synovus.com and on the My Synovus™ Mobile App, the Synovus™ Connection Card App, Synovus™ Card Alerts App, Synovus™ Gateway, Synovus™ Gateway Mobile App, and any other mobile application made publicly available by Synovus, Synovus-branded social media presences, digital advertising campaigns, and any other websites, applications and digital Sites which expressly reference or link to this Privacy Statement (each a “Site” and collectively, the “Sites”). By using a Site, you agree to the terms and conditions of this Privacy Statement. You may download a copy of this Privacy Statement here.

Your privacy is important to us. This Privacy Statement describes the information we collect, why we collect it, and what we do with the information we collect from or about you through the Sites. This Privacy Statement does not apply to third-party websites and other Synovus websites and applications that do not link to or reference this Privacy Statement and does not apply to information collected from you offline. Additional information about our privacy and security practices may be found on our Sites and within Frequently Asked Questions (FAQs) we may publish from time to time on a Site. This additional information is provided as a resource and the terms and conditions of this Privacy Statement control in the event of a conflict.

The Sites are intended for persons currently residing in the U.S. who have reached the age of majority in their states and for Synovus joint account holders who are 13 years of age or older. You are not authorized to access and use the Sites if you are located outside the U.S.

The Site is not directed to or intended for use by children under the age of 13. Consistent with the requirements of the U.S. Children’s Online Privacy Protection Act (COPPA), Synovus does not direct its website or provide any online service that would knowingly collect personal information from children under the age of 13. For more information about the Children’s Online Privacy Protection Act (COPPA) please refer to the FTC’s website at https://www.ftc.gov/business-guidance/privacy-security/childrens-privacy. If you believe that we have received information from a child or other person who is not a majority age in their relevant jurisdiction, please contact us at our e-mail or physical mailing address listed in the “Contact Us” section below and we will take all reasonable efforts to remove the information.

California Minors: If you are a California resident who is under the age of 18 and you are unable to remove publicly-available content that you have submitted to us, you may request removal by contacting us at: info@synovus.com. When requesting removal, you must be specific about the information you want removed and provide us with specific information, such as the URL for each page where the information was entered, so that we can find it. We are not required to remove any content or information that: (1) federal or state law requires us or a third party to maintain; (2) was not posted by you; (3) is anonymized so that you cannot be identified; (4) you don’t follow our instructions for removing or requesting removal; or (5) you received compensation or other consideration for providing the content or information. Removal of your content or information from the Service does not ensure complete or comprehensive removal of that content or information from our systems or the systems of our service providers. We are not required to delete the content or information posted by you; our obligations under California law are satisfied so long as we anonymize the content or information or render it invisible to other users and the public.

If you are a Synovus customer, information that we receive from you through your use of a Synovus product through a Site, such as online banking or mobile banking, is covered by the Synovus Privacy Notice available here and not this Privacy Statement. For Synovus customers, if this Privacy Statement and the Synovus Privacy Notice conflict or are inconsistent, then the Synovus Privacy Notice applies to the extent of the conflict or inconsistency.

If you do not agree with any part of this Privacy Statement, you may not use any of our Sites.

How We Define Personal Information
For purposes of this Privacy Statement, “Personal Information” means any information you provide us on a Site that personally identifies you. For example, Personal Information includes your name, postal address, telephone, fax and mobile numbers, email address, Social Security number, login credentials, and account numbers. Personal Information also includes information that does not directly identify you but when combined with other information identifies (or can be used to identify) you.

How We Collect and Use Your Personal Information
How we collect information from you depends on how and why you use the Sites. Synovus collects information in the following ways:

When You Give Synovus Information: When you create an account online, we ask you for Personal Information such as your name, email address, telephone number, Social Security Number, Driver’s License or other government-issued identification number, and payment card number and associated security code. Certain parts of the Sites require users to provide contact information (such as name and e-mail address), demographic information (such as ZIP code), financial information (such as account numbers and payment card numbers) and other similar information. If you sign up for emails about Synovus’ latest news and new products, we collect the email address that you give us. We also collect feedback, questions and information that you provide to us for customer support.

When You Use the Sites: We collect information about how and when you use the Sites including:

Through Server Logs: A server log is a list of the activities that a server performs. Synovus’s servers automatically collect and store in server logs, your search queries, Internet Protocol (IP) address, the date and time of your request and referral URL, and certain cookies that identify your browser or Synovus account.

From Your Computer or Mobile Device: We collect information about your computer, tablet or mobile telephone (“Device”), such as model, operating system version, mobile network information, telephone number, internet service provider and similar identifiers. We may associate your Device information with your account. We may collect and store information (including Personal Information) on your Device through browser web storage (including HTML 5) and web application data caches.

We may collect data about the location of the Device that you use to access the Sites (“Location Data”) using IP address, GPS, cellular towers and other information from your mobile service provider, Bluetooth address, Wi-Fi access points, and information made available by you or others that indicates your current or prior location, such as geotag information in photographs. We may use Location Data in responding to your request for Synovus branch and ATM locations near you, to assist in verifying your identity, and as an indicator of suspicious activity or fraud. How we collect Location Data depends on whether you use a mobile application (“App”) or website to access the Sites. Certain Sites may collect Location Data even when you are not actively using the Sites. If you do not want us to collect Location Data from your mobile Device, please turn off the location services in your Device settings.

Through Mobile Applications: We may from time to time offer Apps that collect information about your use of and interaction with the App, such as your Device’s operating system, browser type, domain and other system settings, search queries, the country and time zone in which your Device is located, metadata, and other information associated with files stored on your Device. Your use of our Apps may require use of other mobile applications on your Device such as the use of your Camera for mobile deposits and the use of your Location service for finding a nearby branch. You will also grant us access to information from your Device such as contact lists when you request certain Apps (e.g., to send and receive money to/from known people and small businesses). We use commercially reasonable efforts to cause the applicable Synovus App to trigger a requirement for your consent prior to the Synovus’ App accessing your other Device mobile application for the first time. We may collect data through the use of the other Device application in order to provide the requested service and for other purposes consistent with this Digital Privacy Statement.

Through Cookies and Similar Tools: We use cookies, pixel tabs (also known as web beacons, flash cookies and clear GIFs), and similar technology to automatically collect information about you when you use the Sites. Please read the “How We Use Data Collection Tools” section (below) to learn more about how Synovus uses these tools.

From Other Sources: Synovus collects information about you from third parties:

When you Connect with Social Media through the Sites: The Sites link to social media platforms through “plug-ins” (e.g., Facebook, Twitter, Instagram and LinkedIn buttons). When you access social media from one of our Sites the social media platform may receive Personal Information about you. Once on a social media platform, whether on a Synovus or Synovus affiliate-branded page or not, the social media platform’s privacy policies and practices apply to the collection and use of your data collected during your time on their platform. When you are logged into your social media account and access the Sites, we may (depending on your settings) automatically receive information (including Personal Information) from the social media platform. Synovus collects and uses this information for the purposes described in this Privacy Statement or at the time the information is collected; however, Synovus does not currently use or store any Personal Information received from any social media platform.

From Third Parties: Synovus may from time to time supplement the information that we collect from you with information from third parties. We may combine the third-party information with information that we already have from or about you.

Through Service Providers: Third parties that assist us with our business operations also collect and use information (including Personal Information) through the Sites, and also may share the collected information with us. For example, our service providers collect and share information with us to analyze the performance of the Sites and to detect and prevent fraud. We also may share information with third party service providers upon your request.

Synovus uses your Personal Information as described in this Privacy Statement and for any other purpose that we disclose when we collect your Personal Information.

Synovus uses Personal Information to:

  • identify you so you can access and use the Sites and we can personalize your experience of the Sites;
  • respond to your inquiries and fulfill your requests for information, products or Sites;
  • verify your identity;
  • deliver advertisements and marketing communications to you;
  • help us understand the types of products and Sites that interest you and present you with offers for them;
  • provide you with important notices about our products and policies or other administrative information;
  • evaluate your eligibility for products or Sites;
  • allow you to use our financial planning tools available on the Sites;
  • consolidate your financial account information at one online location;
  • conduct data analysis, identify usage trends, and determine the effectiveness of promotional campaigns;
  • develop and improve the Sites and our products;
  • detect and prevent fraud;
  • comply with applicable laws and regulations, legal process, and law enforcement requirements;
  • to allow you to utilize features within our Sites by granting us access to information on your Device; and
  • enforce the applicable Site Terms of Use (including this Privacy Statement) and our other contracts with you (collectively “Terms of Use”).

How We Share Personal Information
We may share Personal Information collected through the Sites as follows:

Affiliates: Synovus shares Personal Information within Synovus’s corporate family for the affiliates everyday business purposes, to allow affiliates to market to you, or to allow affiliates to provide you with products you requested, and as required by law.

Service Providers: Synovus shares information with Synovus’s third-party service providers that help us operate the Sites, provide Synovus products and personalize your experience on the Sites. We also may share information with other service providers that help us with payment card processing, sending emails, order fulfillment, conducting advertising, providing customer service or product support, industry benchmarking, consumer analysis, market research, and administering promotions.

Corporate Transactions: Synovus may share and transfer Personal Information if Synovus is involved in a merger, sale, acquisition, divestiture, restructuring, reorganization, dissolution, bankruptcy, or other change of ownership or control by Synovus or any affiliated company (in each case, whether in whole or in part).

Other Lawful Disclosures: Synovus also shares information: (i) as permitted by law; (ii) if we determine that disclosure of specific information is necessary to comply with the request of a law enforcement or regulatory agency or other legal process; (iii) to protect the rights, privacy, property, interests or safety of our company or our affiliates, customers, business partners, employees, or the general public; (iv) to pursue available remedies or limit the damages; (v) to enforce Synovus’s Terms of Use; and (vi) to respond to an emergency.

Synovus never publicly discloses any Personal Information related to financial or payment activities or any government identification numbers. Synovus also does not allow unauthorized publishing or disclosure of any user’s non-public contacts.

How We Protect and Store Information / Data Security
Synovus takes precautions intended to help protect your personal and financial information that we collect and store. We employ controls that follow widely recognized security policies, standards, and regulations and align with industry-standard best practices. However, you are responsible for using appropriate security measures to protect your information and for refraining from sending sensitive data to us over unsecure means.

For your protection, Synovus maintains authentication procedures to protect your personal information and account. You are responsible for maintaining the security of your account credentials and other authentication data or means involved in obtaining access to password-protected or secure areas of the Sites. Synovus will treat access to the Sites through your account credentials as having been authorized by you. If you suspect a website is pretending to be a Synovus website, do not provide personal information and instead contact us directly by calling 888-SYNOVUS or using the contact information below. Unauthorized access to password-protected or secure areas is prohibited and may lead to criminal prosecution. We may suspend your use of all or part of the Sites without notice if we suspect or detect any breach of security. If you believe that information you provided to us is no longer secure, please notify us immediately using the contact information provided below.

Additional information about how we keep your information secure and tips about what you can do to protect yourself, are located on our Safety and Security page at www.synovus.com/contact-us/safety-and-security/

We retain information for as long as necessary to fulfill the purposes for which you provided the information, to comply with legal obligations, to resolve disputes, to enforce agreements, and for similar essential purposes, and for a reasonable period of time thereafter. Please note that some or all of the user-provided data may be required in order for the Site to function properly, and we may be required to retain certain information by law.

Other Information We Collect
We collect information other than Personal Information that does not reveal your specific identity or does not directly relate to an individual, such as demographic information, browser information, information collected through cookies, pixel tags and other technologies, other information provided by you such as your date of birth or household income, and aggregated and de-identified data.

How We Use Data Collection Tools
Cookies, pixel tabs (also known as web beacons, flash cookies and clear GIFs) and similar technology (“Data Collection Tools”) help Synovus automatically collect information about you when you use the Sites.

Web Beacons: A web beacon (also called a pixel tag or clear GIF) is computer code that communicates information from your Device to a server. Some of our content and emails may contain embedded web beacons that allow a server to read certain types of information from your Device, allow us to count the number of people who have viewed content, to know when you opened an email message, and the IP address of your Device. Web beacons help us develop statistical information to provide better and more personalized content.

Cookies: Cookies are small text files that are sent to or accessed from your web browser or your computer’s hard drive. A cookie typically contains the name of the domain (internet location) from which the cookie originated, the “lifetime” of the cookie (i.e., when it expires) and a randomly generated unique number or similar identifier. A cookie also may contain information about your Device, such as user settings, browsing history and activities conducted while using the Sites.

Synovus uses the following types of cookies:

  • Strictly necessary cookies, which are required for the operation of the Sites. Without them, for example, you would not be able to register or log in for the Sites that Synovus offers.
  • Analytical/performance cookies, which allow Synovus to recognize and count the number of visitors, learn how visitors navigate the Sites, and improve the Sites.
  • Functionality cookies, which Synovus uses to recognize you when you return to the Sites.
  • Targeting cookies, which record your visits to the Sites, the pages you visited and the links you followed. Targeting cookies helps Synovus deliver digital advertisements that are targeted to your interests (as inferred from your online activity). Synovus also shares information collected through targeting cookies with third parties that send you targeted advertisements on Synovus’s behalf regarding Synovus products.
  • Interaction cookies, which allow you to connect Synovus through social media.

To learn more about cookies and web beacons, visit www.allaboutcookies.org.

Data Collection Tools record how long you spend on various pages on Sites, which pages you view, your search queries, the products you viewed, error and performance reports, your IP address, your browser type, time zone and language settings, and operating system. Data Collection Tools also help us with fraud prevention and detection.

Synovus also uses analytics services, such as Google Analytics, to collect information. Generally, analytics services do not identify individual users. Many analytics services allow you to opt out of data collection. For example, to learn more about Google Analytics practices and to opt out, visit www.google.com/settings/ads or download the Google Analytics opt-out browser add-on at https://tools.google.com/dlpage/gaoptout.

Your Control of Data Collection Technology: Some web and mobile browsers provide settings that allow you to control or reject cookies or to alert you when a cookie is stored in your browser. If you set your browser to refuse to accept cookies, you may not be able to use certain features of the Sites, access some of our online Sites, or apply for a credit card. You also may be able to reject use of mobile device identifiers by activating the appropriate setting on your Device. Although you are not required to accept cookies or mobile device identifiers, if you block or reject them, you may not have access to all products or features available through the Sites.

How We Respond to Do Not Track Signals
Some web browsers (including Safari, Internet Explorer, Firefox and Chrome) incorporate a “Do Not Track” (“DNT”) or similar feature that signals a website that a user does not want to have his or her online activity and behavior tracked. If a website that responds to a particular DNT signal receives the DNT signal, the browser can block that website from collecting certain information about the browser’s user. Not all browsers offer a DNT option and DNT signals are not yet uniform. For this reason, many website operators, including Synovus, do not respond to DNT signals.

Third Party Sites and Services
Synovus may provide links to websites operated by unrelated third parties, such as companies that provide Sites for us, provide replacement checks to our customers, or merchants that may offer products, such as tax preparation software, in which we think you may have an interest. Please note that when you navigate to the website of an unrelated third party, this Privacy Statement no longer applies. This Privacy Statement does not address, and we are not responsible for, the privacy, security, or other practices of any third parties, including any third party operating any site or service to which the Sites link. In addition, we are not responsible for the information collection, usage, disclosure, or security policies or practices of other organizations, such as Facebook, Apple, Google, Microsoft, or any other third-party app provider, social media platform provider, operating system provider, device manufacturer, or wireless service provider, including with respect to any personal information you disclose to other organizations through or in connection with the Sites. We encourage you to read the privacy policies of every website or service that you visit to understand how your Personal Information is processed.

How Can I Correct or Delete My Personal Information?
If you would like to correct or delete Personal Information, please send us an e-mail with your request to info@synovus.com or send us a letter to Synovus Bank, P.O. Box 120, Columbus, GA 31902. Synovus reserves the right to request that you provide information that will enable Synovus to confirm that you have the authority to correct or delete the Personal Information that you want corrected or deleted. Synovus will use reasonable efforts to correct your Personal Information but may not be able to correct or delete Personal Information shared with third parties.

11. Jurisdiction Specific Notices

Notice to California Residents

California Shine the Light Law: California Civil Code Section 1798.83 permits users who are California residents to obtain from us once a year, free of charge, a list of third parties to whom we have disclosed personal information for direct marketing purposes (if any) in the preceding calendar year. If you are a California resident, you may have rights under the California Consumer Privacy Act. See CCPA Disclosure here.

Notice to Vermont Residents

In response to Vermont regulations, we will automatically treat accounts with Vermont billing addresses as if you requested us not share your information with nonaffiliated third parties, and that we limit the information we share with its affiliates. If we disclose information about you to nonaffiliated third parties with whom we have joint marketing agreements, we will only disclose your name, address, other contact information, and information about our transaction and experiences with you.

Notice to Nevada Residents

We are providing you this notice pursuant to state law. You may be placed on our internal Do Not Call List by contacting us at info@synovus.com. If you have any questions or would like to obtain further information, you can contact us at the address in the “How to Contact Us” section below. Nevada law requires that we also provide you with the following contact information: Bureau of Consumer Protection, Office of the Nevada Attorney General, 555 E. Washington St., Suite 3900, Las Vegas, NV 89101; Phone number: 702-486-3132; e-mail: BCPINFO@ag.state.nv.us.

Changes to this Privacy Statement
The Effective Date of this Privacy Statement is set forth at the top of this webpage. We reserve the right to change this Privacy Statement as business needs require. If we make material changes to the way we use Personal Information, we post a notice about the changes prominently on the Sites in advance so that you have an opportunity to discontinue your use of the Sites. Your continued use of the Sites after the Effective Date constitutes your acceptance of the amended Privacy Statement. The amended Privacy Statement supersedes all previous versions.

Developer Information; How to Contact Us
Synovus is the developer of the Synovus Apps through license and development agreements with its third party providers. If at any time you have questions about the Synovus Digital Privacy Statement, please contact us at info@synovus.com or by mail to Synovus Bank at P.O. Box 120, Columbus, GA 31902.

© 2022 Synovus Bank