Online Privacy Notice
For customers of the First Horizon and First Horizon Bank Family
Notice Effective Date: July 2023
First Horizon recognizes the importance our clients and other users of our websites and mobile applications place on the privacy and security of their information, and we are committed to protecting it as described in this Notice. This Notice applies to your use of First Horizon's websites, mobile sites or mobile applications where this Notice is posted or linked to on the site (the "Sites"). This Online Privacy Notice supplements any Terms of Use for the Sites. In the event of a conflict between the Terms of Use for a Site and this Online Privacy Notice, the terms of this Notice shall govern such matters. To the extent any information collected is “nonpublic personal information” as defined by the Gramm-Leach-Bliley Act of 1999 and applicable regulations (as amended from time to time) (“Nonpublic Personal Information”), the Privacy Notice for First Horizon Customers will apply to First Horizon’s use of such information.
“First Horizon” includes First Horizon Bank, First Horizon Corporation, and their affiliates.
1. Definitions
Affiliate – is a company related to First Horizon by common ownership or control.
Cookie – is defined as a small text file stored on a user’s device that may later be retrieved by a web server from the device. Cookies allow web servers to keep track of the user’s browser activities, and connect individual web requests into a session. Cookies can also be used to prevent users from having to be authorized for every password protected page they access during a session by recording that they have successfully supplied their user name and password already. Cookies may be referred to as "first-party" (if they are placed by the owner of the website that is visited) or "third-party" (if they are placed by a party other than the owner of the visited website). Generally, you can manage cookies in your browser or device settings. Each browser or device is different, so you will need to learn the options available to you. If you change your settings, use a different device or change browsers, you will need to reset your cookie options.
Flash® Cookie – is defined as a data file that is stored in the user's device by visiting a website that runs a Flash application. A Flash Cookie is also called a "local shared object" (LSO). Flash Cookies function like a cookie to personalize the user's experience, except that a Flash Cookie can hold up to 100KB of data rather than only 4KB (see Cookie). Clearing cookies in the Web browser does not clear Flash Cookies. They must be cleared via Adobe® Flash Player settings.
Geo-Location Information – is defined as information that is “sufficient to identify the street name and name of the city or town” in which a device is located.
Internet Protocol (IP) Address – is defined as a unique string of numbers that identifies a device on the internet or other TCP/IP network. The IP address is expressed in four groups of up to three numbers, separated by periods, for example: 123.123.23.2. An address may be "dynamic," meaning that it is assigned temporarily whenever a device accesses the internet and consequently may be different each time a device connects. Alternatively, an address may be "static," meaning that it is assigned to a particular device and does not change, but remains assigned to one device.
Non-affiliates – are companies that are not related to First Horizon by common ownership or control.
Online Behavioral Advertising – sometimes called “interest-based advertising” is defined as the practice of collecting data from a particular device regarding viewing and usage behavior over time and across non-affiliated websites for the purpose of inferring user preferences or interests to later deliver advertising to that device based on those inferred preferences or interests.
Session Cookie – is defined as a Cookie that is deleted when a session ends. Session Cookies are used to monitor session activity within our online and mobile banking products and services. These Session Cookies are encrypted and only our Service Providers (as defined below) can read the information in these Session Cookies. The Session Cookie facilitates the processing of multiple transactions during a session without requiring you to reenter your passcode for each individual transaction. Session Cookies used within our online products and services do not pass to your computer’s hard drive or device. Instead, the Session Cookie is stored in your device or computer’s memory, identifying you only during a session. A new Session Cookie is used for each session; that way, no one can use the prior Session Cookie to access your account. For additional security, the Session Cookie expires after 25 minutes of inactivity. It must then be renewed by reentering your passcode.
Service Provider – In order to provide our services, we may use various third-party providers. These third parties provide services such as: website hosting, internet banking, bill payment, mobile deposit, and account aggregation. We also engage third-party providers to assist us in our online marketing and advertising programs. Third-party providers are referred to within this Notice as “Service Providers.”
Web Beacon – is a clear graphic image (typically one pixel in size) that is delivered through a web browser or HTML email. The Web Beacon operates as a tag that records a user’s visit to a particular web page or viewing of a particular email. It is also often used in conjunction with a Cookie and provided as part of a third-party tracking service. Web Beacons provide an ability to produce specific profiles of user behavior in combination with web server logs. Common usage scenarios for Web Beacons include online ad impression counting, file download monitoring, and ad campaign performance management. Web Beacons also can report to the sender which emails are read by recipients.
“We,” “our” and “us” – means First Horizon.
“You” and “your” – refers to the individual natural person who accesses or uses the Sites.
2. Information Collected
(A) Nonpublic Personal Information Collected by First Horizon – this information may directly or indirectly identify particular individuals. This information may be provided through forms, surveys, applications or similar online fields. Examples may include your name, postal address, email address, telephone number, Social Security number, date of birth or account information. As part of providing online financial products or services, we may obtain Nonpublic Personal Information about our clients and other Site visitors from the following sources:
- Information we receive from you on applications, emails, or other forms;
- Uploaded information: When you contact us using one of our online contact forms, we collect the messages you send as well as the Nonpublic Personal Information you provide, such as your name, phone number, and email address. If you upload any content including a client testimonial for use on the Sites, we also collect the Nonpublic Personal Information you submit at that time.
- Information about your transactions with First Horizon;
- Information we receive from a consumer reporting agency; and
- Information that is generated electronically when you visit our Sites or use our online financial products and services.
Our Privacy Notice for First Horizon Customers describes how we may share this information with our affiliates and with non-affiliates.
(B) Anonymous Information Collected by First Horizon and/or Service Providers – We, as well as our Service Providers, may collect general information about you which does not directly or indirectly identify, and cannot reasonably be used to identify you. We define this information as “Anonymous Information.” Such information may include:
- The internet address (referral site) which brought you to our Site;
- The date and time you access our Site;
- The name and version of your web browser;
- Your Internet Protocol (IP) address;
- The pages visited in our Site; and
- The duration of your online session.
Anonymous Information that is compiled from various sources and aggregated but which contains no Nonpublic Personal Information is “Aggregated Data.” First Horizon and certain Service Providers use Aggregated Data for various business purposes, including for data analytic and marketing purposes.
3. How We Use and Share Nonpublic Personal Information That We Collect
First Horizon uses Nonpublic Personal Information it collects through the Sites in accordance with its Privacy Notice for Customers of the First Horizon Family of Companies. Please refer to that Privacy Notice for additional information regarding how we may share Nonpublic Personal Information, as well as the choices you may be able to exercise in connection with such sharing.
The First Horizon Mobile Banking App transmits and uses geolocation information to enable features that prevent fraudulent card use and sends alerts, but only if you expressly authorize collection of such information. Geolocation information is collected on a continuous basis while the First Horizon Mobile App is being used or not at all, depending upon your selection. You can change your location permissions at any time in your device settings.
4. How We Use and Share Anonymous Information That We Collect
(A) Online Tracking – First Horizon and certain Service Providers operating on our behalf collect Anonymous Information about your activity on the Sites using tracking technologies, including Cookies, Flash Cookies, Web Beacons (including Pixel tags, web bugs, clear GIFs and other similar technologies) for many purposes including, for example, to:
- Provide useful features to simplify your experience when you return to the Sites;
- Deliver relevant content based on your preferences, usage patterns and location;
- Monitor and evaluate the use and operation of the Sites;
- Analyze traffic on the Sites; and
- Monitor and report Site trends.
If you would like to opt out of use of your Anonymous Information for these purposes, you will need to get the Google Analytics Opt-Out Browser Add-On at https://tools.google.com/dlpage/gaoptout.
First Horizon may use other technologies, such as the capture of screenshots while you are using the Sites to understand how you navigate and use the Sites. This information helps us to better understand how the Sites are used and to improve them.
We may associate this tracking data with your Nonpublic Personal Information, in which case we will treat it as Nonpublic Personal Information.
From time to time, you may encounter online advertisements for our products and services on third-party websites. We use third-party advertising Service Providers to distribute our advertisements on websites where we have paid to advertise. These advertisements may use certain tracking technology to capture information such as your IP address and browser type as well as your usage in order to track the effectiveness of our advertising.
(B) Online Behavioral Advertising (OBA) – In certain instances, we work with Service Providers such as advertisers, publishers, and other businesses to deliver targeted or personalized ads to you that are more relevant to your use of a particular device. In order to target ads, we may create and use “audience segments.” These audience segments are based on Anonymous Information collected over time and across the internet (e.g., websites visited, time spent on various sites and mobile applications). We also may combine Anonymous Information about you with Anonymous Information collected by Service Providers concerning your online behavior across websites and across devices. We may use this Anonymous Information to determine or predict your characteristics, behavior, interests or preferences. Consumers benefit from receiving more relevant ads, while advertisers and publishers benefit from more effective advertising. We believe online behavioral advertising offers you an improved experience with online advertising.
(C) How to Opt Out of Online Behavioral Advertising.
If you receive one of our ads as a result of OBA, it will display an AdChoices icon. By clicking on the icon, you will receive more information about OBA. You will also have the ability to opt out from receiving targeted ads using OBA.
If you choose to opt out, you may still receive online advertising from us. Opting out through the steps listed above means only that the ads you do receive will not be based on OBA.
(D) Do Not Track – Certain browsers allow you to send “Do Not Track” or “DNT” requests to the websites you visit. Currently, we do not respond to a browser’s DNT requests.
5. Cross-Device Linking
We and/or our Service Providers may establish connections among related web browsers and devices (such as smart phones, tablets, computers, game consoles, and internet-connected TVs) for targeted advertising, analytics, and reporting purposes. To achieve this, we process information to help conclude that a particular computer or device is operated by the same user or household as another computer or device. These cross-device connections allow us to understand that a single user or household is accessing our content and/or services from multiple devices, and to synchronize content and advertising messages across those devices.
6. Children’s Privacy
We do not use the Sites to knowingly solicit Nonpublic Personal Information from or market to children under the age of thirteen (13) without parental consent. We request that such individuals do not provide Nonpublic Personal Information through the Sites. If a parent or guardian becomes aware that their child has provided us with Nonpublic Personal Information without their consent, they should promptly contact us, and we will delete such information from our files.
7. Cross-Border Transfer
The Sites are controlled and operated by First Horizon from the United States, and are not intended to subject First Horizon to the laws or jurisdiction of any state, country or territory other than that of the United States. We may store and process your Anonymous Information and Nonpublic Personal Information in any country where we have facilities or in which we engage Service Providers, and, by using the Sites, you consent to the transfer of such information to countries outside of your country of residence, including the United States, which may have different data protection rules than those of your country.
8. Changes to This Notice
From time to time, we may make changes to this Notice in order to accommodate new technologies, platforms, industry practices, regulatory requirements or for other purposes. We encourage you to review this Notice periodically to ensure that you understand how we collect, use and share information through the Sites. If we do make changes to this Notice, we will also update the "Effective Date" posted at the top of this Notice.
Any changes to this Notice will become effective when the revised Notice is posted on the Sites. By continuing to use the Sites following such changes, you are agreeing to accept the terms of the revised Notice.
9. Contact Us
If you have any questions or comments about this Notice or our privacy practices generally, we encourage you to contact our Privacy Information line at 877-242-9880.
Adobe and Flash are registered trademarks or trademarks of Adobe Systems Incorporated in the United States and/or other countries.