|
|
|
|
|
Countrywide.com Online Practices
|
|
|
|
The Countrywide.com Online Practices Privacy Policy explains how Bank of America and
our partners may collect information from you online when you visit Countrywide.com.
The Online Practices Privacy Policy, effective as of April 27, 2009, is for general guidance
and subject to change. Please review periodically.
Customer information means personally identifiable information about a consumer or a consumer’s
current or former customer relationship with Bank of America.
|
| |
| Privacy Policy for Consumers |
|
In addition to the protections you enjoy through our Online Practices Privacy Policy, your online
activities may also be covered by the Bank of America Privacy Policy for Consumers. This policy
explains our collection, use, disclosure, retention and security of consumer information and
applies to products and services offered through this website within the United States for
consumer (not business) purposes. In addition, the
Bank of America Privacy Policy for Consumers
provides consumers with information on Setting Your Marketing Preferences.
For our Insurance customers please select the appropriate Bank of America Privacy Policy for insurance.
California All Other States
|
| |
| About Countrywide.com |
Our systems automatically switch to "secure" mode when you are asked to enter
personal information on this website (such as your loan number,
account number or social security number). To keep your data safe, we use:
-
Encryption and authentication technology
-
Website design that blocks or limits online display of customer information
when not necessary to the transaction
-
IDs and passwords to protect customer information
For more details on Internet security, please see our About
Internet Security section.
|
| |
| Use of cookies, Web
beacons and similar files |
|
We design many features of our website so new visitors may anonymously learn
about our products and services, view today’s rates and use our educational
tools without revealing their identity. For new visitors, we use "cookies"
and Web beacons to collect limited data (such as the date, time and
areas of our website visited and the website the new visitor came from). When
you select one of our products or services, review your accounts online or
respond to marketing materials sent to you directly, we will try to identify
your browser and may combine information from "cookies," Web beacons and other
information collected online with any other data we maintain about you. By
improving the marketing and content of our website and making your online
experience more convenient, we are able to better serve our customers'
financial needs.
|
| |
| Cookies are required to
access your online accounts |
|
You can have your Web browser disable "cookies," but if you turn off "cookies,"
it is not possible to access your online accounts. Cookies are used for
security purposes when you log into your account so that we can recognize your
computer. Cookies used to access your online account are encrypted and used
solely to support your online account activity.
|
| |
| Similar Files |
| This website sometimes uses technologies
similar to cookies to store information. For example, we also use files called
Flash objects to help assure security as part of the online account log-in
process. Flash object files are also encrypted and used solely to support your
online account activity.
|
| |
| Collecting Personally-Identifiable Information |
When you visit our Web site, we may collect
the following information in order to service your accounts, save you time and money, and better
respond to your needs:
-
Application information - Information that you provide to us online in applications and other
forms. Examples include your assets, income and debt.
-
Identification Information - Information that identifies you such as name, address, telephone
number and Social Security number.
-
Transaction and experience information - Information about your online transactions and account
experience, as well as information about our online communications with you. Examples include
your online bill payments and your activity on the Web site, such as collecting information on
product information reviewed.
|
| |
| How to confirm the accuracy
of your information |
|
We commit to maintain accurate and up-to-date information on all of our customers. We provide a
ccess to account information in many ways - over the phone, in online and paper statements, and
other communications. If you believe any of your information is incorrect, please notify us
immediately using the customer service number provided on your account statement. We will respond
timely to your request to correct inaccurate account or transaction information. However, in order
to protect your information, we may ask to verify your identity and for other details to respond
to your request. |
| |
 |
|
|
|
About Internet Security
|
| How Does Browser Security Work? |
|
Recent versions of most internet browsers support the encrypted transmission of
on-line documents and the data you enter on a web page. This means that instead
of sending readable text, both your browser and the website's secure server
encode all text using a security key. That way, personal data sent to your
browser or data you send back would be extremely difficult to decode in the
unlikely event it was intercepted by an unauthorized party. The key used for
encoding is a random number that is unique to your session at the secure
website.
There are two grades of internet security: International-grade encryption uses a
40-bit random number negotiated between your browser and the web-server. This
means that only one out of about 1,000,000,000,000 possible decoding keys can
be used to decipher your data. Domestic-grade encryption uses a 128-bit key, so
that the number of possible keys is vastly larger. This site uses
the highest grade of encryption supported by your browser and your internet
connection.
|
| |
| How Do I Know If Security Is Operating? |
Your internet session is encrypted if your security-enabled browser is
connected to a website using the Secure Hypertext Transport Protocol. URL
strings beginning with "HTTPS://" instead of the usual "HTTP://" indicate that
the secure protocol is in effect. Your browser may also tell you if security is
operating. For example, Mozilla's Firefox will display the 
icon in the lower right corner of your screen in secure mode. Microsoft
Internet Explorer shows a 
icon. Note that security may be operating without any visible indication if the
web page you are viewing employs frames (see below).
If secure transmission is not in effect or only part of a frame-based page is
secure, Firefox shows the "red-slashed lock" icon  ,
and Explorer does not show the "lock" icon.
Most browsers can be set to give you a pop-up announcement when you enter or
leave a secure web page. In Firefox, these settings are on the Security section
when you select "Options" on the Tools menu. In IE, the setting is on the
"Advanced" tab when you select "Options" on the View menu.
|
| |
| Secure Mode and Frame-Based Web Pages |
| Security may be operating
without displaying any security icons (or Firefox may show the "red-slashed
lock" icon) if only part of a frame-based page is employing security. You can
verify the security of a page within a frame by opening it in a new browser
window. Both IE and Firefox allow you to open a link in a new window by
right-clicking on the link and selecting that option from the pop-up context
menu. When a secure page is open in its own window, instead of being viewed
within a frame, you can then see the security icons provided by your browser as
well as the "https://" secure protocol prefix in the URL string.
|
| |
|
|
|
|
Cookies, Web Beacons
|
| Cookies |
| When you visit a website, a small file
called a "cookie" may be saved to your computer’s hard drive during your visit.
When you revisit the site, the website’s server may open the cookie file and
access the stored information. You can usually set your browser to limit or let
you know about cookies that a website places on your computer.
|
| |
| Web Beacons |
|
A Web beacon is a graphic image (such as a pixel tag or clear GIF) that is
placed on a web page or in an e-mail message to monitor user activity (such as
whether the web page or e-mail message is read or clicked). They are often
invisible because they are very small in size. They are also used on many web
pages for alignment purposes. We sometimes use Web beacons to provide an
independent accounting of how many people visit our websites or to gather
statistics about browser usage at our websites. Some of our web pages and
HTML-formatted e-mail newsletters use Web beacons in conjunction with cookies.
It is difficult for you to limit the use of Web beacons because there is no
easy way to distinguish their use from alignment and other purposes. They may
be loaded from a different web server than the rest of the page.
|
| |
| Third Party Advertising |
|
We sometimes use third party advertising companies to serve our internet ad
banners on our site and other sites on which we advertise. If you click on one
of those ads, you will be directed to one of our sites
offering that particular product or service. If you view a web page where our
ads appear, the advertising company may place a cookie on your computer or use
a Web beacon to access a cookie they previously placed on your computer. These
companies do not collect information that can identify you personally, but may
use information about your visits to our sites and other sites to measure the
effectiveness of ads. We do not give any personally identifiable information to
these companies. Unless you are first notified, these advertising companies do
not link any online actions or cookie to any information that can be used to
personally identify you (such as your name, address or e-mail address). The
companies that distribute our ads are prohibited by contract from using
information other than for the agreed upon purpose – to help us market our
products and services and to measure response rates.
Third party advertisers are subject to their own privacy policies. Currently, we
use web beacons provided by Doubleclick, Yahoo!, Google and MSN. If you prefer
that Doubleclick does not record your information by means of these web beacons
on our website, please click here:
http://www.networkadvertising.org/managing/opt_out.asp. If you prefer
that Yahoo! not record information by means of these Beacons on our website,
visit Yahoo! at
http://info.yahoo.com/privacy/us/yahoo/webbeacons/details.html to opt out. To
prevent other advertising companies from placing cookies on your computer, you
may adjust the privacy settings for your browser to block or filter cookies, or
visit each website individually and opt-out.
|
| |
| Similar Devices |
|
For example, we include URLs in e-mail marketing materials sent directly to you
(such as special offers) so that we can identify that it is you responding to
the campaign and provide details on the offer available to you.
|
| |
|
|
|
|
Shared Secrets
|
| What are Shared Secrets? |
| Shared secrets are the most common
security method for accessing confidential information. A shared secret is
something known to both the user and the holder of the confidential
information. The most common shared secrets are a user ID and password. These
shared secrets allow the user to log into the site of the holder of
confidential information such as a financial institution or online merchant.
Shared secrets form an integral part of user authentication in today's online
environment.
|
| |
| Protecting Your Shared Secrets |
|
Protecting your shared secrets ensures that information accessed via those
shared secrets is protected. You should never record your shared secrets
electronically such as in documents or spreadsheets. In the event of a
compromise of your computer hard drive, your shared secrets can be compromised
as well placing all the data protected by those shared secrets at banks and
merchants at risk. Likewise you should never store credit card numbers,
expiration dates, bank account number, social security numbers, driver’s
license number or other personal identifying information electronically on your
computer for the same reason.
Your shared secrets should never be revealed in response to unsolicited e-mails.
Criminals attempt to obtain individual’s personal identifying information and
use that information illegally such as to open and/or use credit cards, obtain
phone or utility accounts, obtain loans, work, open bank accounts and/or pass
fraudulent checks using a technique called
"phishing".
Criminals may also attempt to obtain that information over the phone posing as
a survey taker, telemarketer or other unsolicited caller
("pretexting").
|
| |
| Common Shared Secrets |
|
To minimize the potential compromise of your shared secrets, you should avoid
commonly used secrets such as names (yours, your spouse's, your
children's, parents), common terms that appear in the dictionary (brute force
attacks to crack passwords often use dictionaries in an attempt to randomly
match the password), exclusively numbers (numbers range from 0 to 9 for each
character where letters range from a to z creating 26 potential variations or
52 if case sensitive). The best passwords are a combination of both letters and
numbers where the letters do not spell words that could be found in a
dictionary and the password is of sufficient length, 6 characters or preferably
more, to make brute force attacks harder.
We suggest you do not use shared secrets across multiple domains (e.g.
websites). If you use the same logon and password while shopping or surfing
online as you use for your bank, if one of the online merchant sites is
compromised, your user ID and password could then be used to access your bank
information. Not all websites apply the same level of security to their
database. The use of a single logon ID and password across multiple sites is
only as secure as the least secure site.
|
| |
| What Do I Do If My Shared Secrets are
Compromised? |
|
Immediately change your shared secrets with all sites on which you have used
the same shared secrets. Follow the instructions What Should I Do
if I Become a Victim of Identity Theft?
|
| |
|
|
|
|
Safeguarding Social Security Numbers
|
| Tips to Protect Your Social Security Number |
- Carry only necessary identification with you. Don't carry your Social Security card.
- Never provide your Social Security Number unless you have initiated the contact and have confirmed the business or person's identity
- Do not use your full or partial Social Security Number as a Personal Identification Number (PIN) or as a password
- If you must send your Social Security Number in an email ensure that the email is encrypted
- Only enter your Social Security Number into internet web sites when the site is secure and you know how the recipient will protect it
- Be cautious of your surroundings when disclosing your Social Security number, e.g. if a retail store requests your Social Security Number to look up your store credit card number
- Do not transmit your Social Security Number over the Internet unless you know that the connection is secure or you have encrypted the Social Security Number
- Be cautious when faxing your Social Security number, double check the fax number to ensure it is the correct number
- Do not record your Social Security Number on a check, traveler's check, gift certificate, money order or other negotiable instrument unless required by law
|
| |
| We Safeguard Your Social Security Number |
|
Our Privacy Protection Policy (1) protects the confidentiality of Social
Security numbers, (2) prohibits unlawful disclosure of Social Security Numbers, and
(3) limits access to Social Security Numbers. Our consumer customers can obtain
more information by reviewing our privacy policy for consumers.
|
| |
|
|
|
|
Identity Theft
|
| What is Identity Theft? |
| Identity theft is when someone
takes and uses your personal information (such as your name, social security or
credit card number) without your permission to commit fraud or other crimes.
These criminals take the identities of others to open new credit cards; obtain
phone or utility accounts, loans, or employment; open bank accounts; and/or
pass fraudulent checks. According to the FBI, identity theft is the fastest
growing crime in America. |
| |
| How Does Identity Theft Occur? |
| Criminals gain access to
personal information in many ways, but the most common method is to take it
from the victim themselves. They steal mail (such as account statements,
new checks and offers of credit) left in a mailbox, discarded in the trash or
stored in an easy to get to location in your home or office. They take credit
card and personal identification from your purse or wallet. Without knowing it,
you may give the information directly to the criminal when you enter data at an
unsecured or unknown website, or in response to a fraudulent request for
account information through an unverified e-mail
("phishing").
Imposters also ask for information from you in unsolicited phone calls,
tricking you into thinking it is someone you know, such as your bank
("pretexting").
|
| |
| What Happens to the Victim? |
| Identity thieves can damage
the credit reputations and lives of victims. Studies have shown that victims
spend an average of $808 and 205 hours resolving the identity theft. Time and
money is spent clearing credit reports, reporting the theft to lenders and
merchants, and filing complaints with law enforcement and governmental
agencies. One of the menacing problems of identity theft is that it can happen
more than once. Once the initial incident is resolved, the thief may begin
using the victim’s identity again after waiting 6 months to a year and the
cycle begins all over again.
|
| |
| How Can I Prevent Becoming a Victim? |
| Identity theft requires
someone to gain access to your personal information. You can take steps to
decrease the risk of someone stealing your information. |
-
Destroy papers you throw out.
Shred or completely destroy any documents that contain personal information
before discarding them in the trash. This includes information about you, your
family, your home, or your accounts such as credit card solicitations,
pre-approved credit offers, convenience checks contained in your statements,
bills, cancelled checks, loan offerings, ATM or credit card receipts, insurance
or tax information. Just as important are receipts from ATM’s or self-service
devices such as gasoline pumps. Don’t just leave them behind or throw them in
the trash. Criminals only need a few pieces of information about you to get
credit in your name and access your existing accounts.
-
Be careful who you give your information to over the telephone.
Do not give out personal information such as your social security number,
credit card or bank account numbers, or loan numbers over the phone to anyone
who has called you without first confirming who you are speaking to, why they
need the information and that they are who they claim to be.
-
Guard your PINs.
Never give out your Personal Identification Number (PIN). Memorize your PINs
and never write them on your cards or carry them in your wallet.
-
Report lost or stolen credit cards, checks or identification immediately.
-
Store your personal information securely.
Keep it where it is not easily available in the event of a burglary or other
unauthorized access.
-
Be cautious online.
Be cautious when providing information at websites or
with online merchants you do not have an existing relationship with. Always
confirm that you are in a secure session before entering personal information
online (see How Do I
Know if Security is Operating?).
-
Check your credit reports.
Review your credit report regularly to identify any inquiries or accounts that
you are not aware of and did not apply for.
-
Protect your mailbox.
If your residential mailbox is not secure, don’t put outgoing mail in the box
and promptly pick up incoming mail or obtain a secure postal mailbox.
-
Safeguard your checks.
Never print your personal information such as a Social Security Number or
driver’s license number on your checks.
|
| |
| What Should I Do if I Become a Victim of Identity
Theft? |
-
Contact the three major credit bureaus
Ask them to send you a copy of your credit report and instruct them to place a
fraud alert on your record. Once you receive the report, review it carefully.
Contact any creditors listed that you did not apply for credit with and inform
them that you have been a victim of identity theft. Instruct them to close the
account, send you copies of the application and any transactions, and to
promptly clear your credit record.
-
Contact your local police or sheriff’s department and file an identity theft
complaint.
-
File a
complaint with the
Federal Trade Commission or call their hotline at 1.877.IDTHEFT
(438.4338).
|
| |
| Identity Theft Resources |
|
|
| |
| What Are We Doing to Assist in the Battle
Against Identity Theft? |
| Protecting the confidentiality
and security of our customers’ personal information is a priority for
our family of companies. You can find more information in our
Privacy and Security Policy. We understand the implications identity
theft can have and take very specific steps to reduce the chance that identity
thieves can damage the credit reputations of our customers. As a result,
Bank of America has put multiple safety measures in place to combat identity theft. |
| |
| Training |
| |
We train key employees in customer identification and
authentication. Our training is designed to reduce the chance of an account or
loan being opened in your name without your permission. We regularly update
training to educate our employees on changing trends in identity theft. |
| |
| Fraud Hotline |
| |
For many years, we have maintained a Fraud Hotline for
consumers, employees and the public to report crimes, including identity theft.
Fraud Hotline staff work with departments across our family of
companies to block credit reporting based on claims of identity theft, conduct
investigations including reviews of the account or loan documentation, and, if
identity theft is confirmed, notify the credit bureaus and correct credit
reporting history on affected financial relationships with us. The Fraud Hotline
serves as a single point of contact for consumers to report identity theft
complaints to us. You can reach the Fraud Hotline by any method
described under the Reporting Identity Theft section below. |
| |
| Education |
| |
Consumer awareness is a critical component in reducing the
incidence of identity theft. We provide consumer education and
training on identity theft through featured articles in our quarterly
newsletters, statement messaging and our websites. |
| |
| Industry Associations |
| |
We work in concert with industry groups in developing
legislation, policies and practices to fight identity theft and other crimes in
the businesses we operate in. We also work with these industry groups
in the establishment and adherence to security and customer authentication
programs to ensure that we remain an industry leader in protecting your
identity and assets held with us. |
| |
| Law Enforcement |
| |
We coordinate with local, state and federal law
enforcement when identity theft cases arise. |
|
| |
| Reporting Identity Theft |
| If you think your identity has
been stolen, affecting any of your loans or accounts with any of the companies
in our family, or resulting in the establishment of a fraudulent
relationship with us, please contact us immediately. The Identity Theft
Complaint provided below should be completed and then faxed or mailed back to
us at the address shown below. The Complaint, which requires Adobe Acrobat
Reader, can be obtained by clicking the link below: |
| |
| e-mail |
fraud_hotline@bankofamerica.com |
| |
| phone |
1.877.CUFRAUD (283.7283) |
| |
| fax |
1.805.306.7158 |
| |
| mail |
Bank of America
Fraud Investigation
30930 Russell Ranch Road, CA6-916-03-05
Westlake Village, CA 91362
|
|
|
ID
Theft Complaint
|
Requires
Adobe Acrobat Reader
Click to download free
|
| Due to the insecure nature of e-mail, the ID
Theft Complaint should be faxed or mailed to us as shown to the left. |
|
|
|
|
|
. Some products may not be available in all states.