Updated: December 2022
Introduction and overview
At NerdWallet, our mission is to provide clarity for all of life’s financial decisions. We do so by striving to inform and empower consumers with financial guidance they can trust and by providing tools that help them make the best decisions for their financial needs.
When our consumers use our websites, mobile applications and other products (collectively, our “Services”), we have an obligation to access and use your personal information in a manner that is responsible and helps reduce privacy and security risks.
What information do we collect about you and how do we collect it?
- Information collected directly from You – We may collect information directly from you when you use our Services — for example, when you register to receive marketing communications from us or when you fill out forms or other fields on our website. In such cases, we may ask you to provide us with one or more of the following pieces of information:
- Email address.
- Mailing address.
- Phone number.
- Your registration information, such as a username and password.
- When you communicate with us, either by email, phone, or other means of communication, we may also collect the content of these communications.
- Information collected when you visit our website – When you visit the website, use our applications, or open an email from NerdWallet, we may automatically receive and record certain information from your computer, web browser and/or mobile device, including without limitation:
- IP address or other device address or ID.
- Web browser and/or device operating system.
- Web pages or sites that referred you to our Site or that you click out to from our Site.
- Pages you view on the Site.
- Your actions on the Site, including the electronic path you take to our Site, through our Site and when exiting our Site, as well as your usage and activity on our Site, such as the links and objects you view, click or otherwise interact with (also known as “Clickstream Data”).
- Dates and times that you visit, access, or use the Services.
When you use the website, we may also place one or more Cookies on your browser. Cookies often include unique IDs which may be considered personal data. Our cookies do not include information that directly identifies you, such as your name, email address or phone number. Please see below for more information about Cookies.
How do we use your personal information?
Your information is an integral part of our operations, and we use it in a variety of ways in providing the Services and operating our business. We use the information you provide, for example:
A. To provide you the Services you request and enable non-affiliated third parties to market or provide additional services to you.
B. To operate, maintain and improve the Services and create new features and functionality.
C. To understand and analyse usage trends and preferences of our users across different devices.
D. For fraud detection and information security.
E. We may use your e-mail address or other personal information for internal compliance purposes, including but not limited to, (a) to contacting you for administrative purposes such as customer service, and/or (b) to addressing intellectual property, right of privacy or defamation issues related to content you have posted on the Services, and/or (c) We may also use your e-mail address and other personal information to send you promotional materials, offers, and/or messages related to the Services and the activities of third parties we work with. You can opt out of receiving promotional communications, through links provided in the messages, by updating your account preferences (where applicable) through the Services, or by contacting us directly at [email protected].
F. We may use Cookie Information and Automatically Collected Information to: (a) personalise our services, such as remembering your information so that you will not have to re-enter it during your visit or the next time you visit the Services; (b) pre-fill forms; (c) provide customised advertisements, content, and information across your devices; (d) monitor and analyse the effectiveness of Services and third-party marketing activities; (e) monitor aggregate site usage metrics such as total number of visitors and pages viewed; and (f) track your entries, submissions, and status in any promotions or other activities.
Who do we share information with?
We may share your personal information with other parties under the following circumstances: (1) with our partners or affiliates, when you ask us to share your information with them; (2) with our service providers, when required to to provide our services to you; or (3) where we are required by law to disclose your personal information.
We may share your information with third-party service providers to support our internal and business operations. In such cases, service providers may use the information only as necessary to provide the services to us and are contractually required to keep your information confidential and secure.
In certain instances, we may be required to share information with regulators. For example, as we are Authorised and Regulated by the Financial Conduct Authority, we may be required to provide them with information on the services that we provide and the number of customers who have used our services or if we are dealing with a complaint.
What is our basis for processing personal information?
The data protection laws require us to state the basis on which we will process your information. Our legal basis for collecting and using your personal information depends on the kind of information concerned and the specific context in which we collected it.
Performance of a contract
The use of your personal information may be necessary to perform the terms and conditions or other policies under which we provide our Services.
We may use your personal information for our legitimate interests to improve our Services, security purposes, and fraud prevention, and to share information with our affiliates for internal administration. In such circumstances it is for us to ensure that these interests are not overridden by your data protection interests or fundamental rights and freedoms.
If we collect and use your personal information in reliance on our legitimate interests, this interest will normally be to operate our platform and communicate with you as necessary to provide our services to you and for our legitimate commercial interest, for instance, when responding to your queries, improving our platform, undertaking marketing, or for the purposes of detecting or preventing illegal activities. We may have other legitimate interests and if appropriate we will make clear to you at the relevant time what those legitimate interests are. For guidance on the principle of legitimate interests, see the ICO website.
‘Cookies’ are small text files that are stored by the browser on your computer or mobile phone. Websites are able to read and write these files, allowing them to store things like website personalisation details or user preferences.
We use ‘cookies’ to ascertain how people navigate and use the website. This information is subsequently used to make the website more user-friendly. The information stored in the ‘cookie’ is not linked in any way to any personal information that we hold.
Some of the advertisements that you see displayed on our website are delivered on our behalf by Google. No information which identifies you, for example your name, address, email address or telephone number, is used to provide this advertising. In order to display advertising most likely to be relevant to you, Google may place or recognize a unique “cookie” on your browser. This cookie does not collect personal data about you nor is it linked to any identifiable information about you.
Your personal data’s security is very important to us. This is why, as well as ensuring we only capture the data we need to ensure we can provide you with quality services, where appropriate, our Sites use HTTPS to help keep information about you secure.
However, no data transmission over the internet can be guaranteed to be totally secure. We do our best to keep the information you disclose to us secure and have appropriate processes in place for data during transmission. However, by using NerdWallet.com/uk/ you accept the inherent risks of transmitting information online and will not hold us responsible for any breach of security.
Your data rights/contact us
Under the Data Protection Act, you have the right to access information we hold about you. If you would like to request the information we hold about you, delete or change it, or opt-out of emails, product contact request forms, email us on [email protected] or write to us at:
Legal Department, NerdWallet Ltd
Floor 3, Haldin House
Old Bank of England Court
Your data rights
Right of access
The right to request copies of your personal information from us.
Right to rectification
The right to have your personal information corrected if it is inaccurate or incomplete.
Right to erasure
The right to request that we delete or remove your personal information from our systems.
Right to restrict processing
The right to prevent us from using your personal information or restrict the way in which we can use it.
Right to data portability
The right to request that we move, copy or transfer your personal information.
Right to object
The right to object to our use of your personal information including where we use it for our legitimate interests.
If you are not satisfied with the way any complaint you make in relation to your personal information is handled by us then you may be able to refer your complaint to the relevant data protection regulator which in the UK is the Information Commissioner’s Office.
International transfers of personal data
For example, when we transfer your personal information to our affiliates, suppliers or other third parties outside of the country in which it was collected, we implement Standard Contractual Clauses approved by the EU Commission and use similar contractual clauses to comply with similar requirements in other jurisdictions.
By choosing to use the Services, you consent to the transfer of such information outside of your country.
How long do we keep your data?
- 6 years where it is needed for tax and accounting purposes
- As long as we are required to by law in the event that you have provided us with your data in relation to the purchase of a financial product. This may vary depending on the product.
Changes to this policy