How to Stop Your Bank and the Companies You Trust From Selling Your Data
How to Stop Your Bank and the Companies You Trust From Selling Your Data
Once a year, your bank, your credit card company, and your insurer mail you a dense little pamphlet titled something like "Privacy Notice." Almost everyone throws it straight in the recycling. Buried in that pamphlet, though, is a legal right most people never exercise: the right to tell these companies to stop sharing your personal information with outsiders. It is real, it is free, and the institutions are quietly counting on you to ignore it.
The law hiding in your junk mail
That pamphlet exists because of a federal law called the Gramm-Leach-Bliley Act. It requires financial institutions, a category that is broader than you might think and includes banks, lenders, credit card issuers, insurers, and even auto dealers, to tell you how they handle your nonpublic personal information and to offer you a way to opt out of sharing it with unaffiliated outside companies.
A second law, the Fair Credit Reporting Act, adds a related right. It lets you limit how your information is shared among a company's own affiliates, and how those affiliates use it to market to you. Most institutions fold both opt-outs into a single privacy notice, which is the very document you have been tossing out.
How to actually opt out
Find the privacy notice. Look for the most recent one from each financial company you use. If you cannot find the paper copy, it is usually posted in the privacy section of their website or inside your online account.
Locate the opt-out section. Look for language about limiting sharing or your privacy choices. It will list the specific types of sharing you are allowed to decline.
Submit your choice. Most companies let you opt out by calling a toll-free number, mailing back a form, or toggling a setting online. You can do this at any time, not just when the notice arrives.
Repeat for every institution. Each bank, card, lender, and insurer is separate. Opting out at one does nothing for the others, so you have to work through your whole list.
The catch they do not advertise
Here is where honesty matters. The opt-out is narrower than it sounds. It mainly stops sharing with unaffiliated outside companies that falls outside a long list of exceptions. Your institution can still share your information with its service providers, with joint-marketing partners, with credit bureaus, and for routine account servicing, no matter what you choose. On top of that, a 2015 change to the law means some institutions are no longer required to mail you an annual notice at all, so the reminder you would need may never show up.
And retailers are a different story altogether. A store like a big-box chain is generally not a financial institution under this law, so its data collection runs through loyalty programs, app permissions, and its own privacy policy instead. Depending on your state, you may have a separate "do not sell my personal information" right you can use there, but it is not the same mechanism, and you have to claim it separately too.
Why this still will not get you off the broker sites
Even a flawless financial opt-out, done for every company you deal with, does not touch the data brokers and people-search sites that already list you. Those sites did not get your address from your bank's sharing program. They built your profile from public records and older data deals, and they keep rebuilding it. Closing the front door at your bank is worth doing, but your information already walked out the back years ago.
So real privacy takes two efforts at once: limit new sharing going forward, and remove what is already published. The second part is the one almost everyone underestimates. Consumer Reports measured how well removal actually sticks and found that automated and self-service methods cleared only about 27 percent of listings, against roughly 70 percent when trained people handled the process by hand. It is not that people do not try. It is that the broker ecosystem is large, scattered, and constantly putting your data back. You can read more about why human removal works better, or learn how data brokers got your information in the first place.
See who is already selling your information
Run a free scan across data broker sites and known breach databases. It takes seconds, and no account is needed.
Check if my data is exposed →No signup required · Completely private · Free
Frequently asked questions
Does opting out stop my bank from selling my data entirely?
No. It limits sharing with certain outside companies, but your institution can still share for things like service providers, joint marketing, credit reporting, and account servicing, regardless of your choice.
What about retailers like big-box stores?
Most retailers are not covered by the financial privacy law. They collect data through loyalty programs, apps, and their own policies. In some states you have a separate right to tell them not to sell your information, which you would exercise directly with the store.
Why did I stop receiving annual privacy notices?
A 2015 change lets institutions that limit their sharing to certain categories skip the annual mailing and post the notice online instead. So the absence of a notice does not mean your data is not being shared.
Opting out is step one. Removal is the rest.
Let real people remove your information from broker sites and keep it removed.
Start my free removal →