Skip to main content

barsMenu

times
times

Privacy Policy

file-pdfPrinter friendly version of Privacy Policy

Revised: June, 2024

We respect your privacy and are committed to protecting it through our compliance with this Privacy Policy (this "Policy"). This Policy applies when you visit or use our website (https://www.wafdbank.com/), mobile applications, or any other online services offered by Washington Federal Bank ("WaFd Bank", "we" or "us") that link to or reference this Policy (collectively, the "Website"). This Policy also describes the types of information we may collect from you or that you may provide when you use the Website and our practices for collecting, using, maintaining, protecting, and disclosing that information.

This Policy applies to information we collect:

  • On the Website.
  • Through mobile applications you download from the Website, which provide a dedicated non-browser based interaction between you and the Website.
  • When you interact with our advertising applications on third party websites and services, if those applications or advertisements include links to this policy.

Please read this Policy carefully to understand our policies and practices regarding your information and how we will treat it. If you do not agree with our policies and practices, your choice is not to use the Website. By accessing or using this Website, you agree to this Policy. This Policy may change from time to time. Your continued use of this Website after we make changes is deemed to be acceptance of those changes, so please check the policy periodically for updates.

Information We Collect

We collect several types of information from and about users of our Website, including information:

By which you may be personally identified, such as name, postal address, email address, telephone number, social security number, existing account number, username, password or any other identifier by which you may be contacted online or offline ("personal information"). If you have a financial product or service with us, we will use any personal information that we collect from or about you in accordance with our www.wafdbank.com/privacy-center#privacy-policy.

  • That is about you but individually does not identify you, such as aggregated, de-identified or demographic statistical data ("non-personal information").
  • About your internet connection, the equipment you use to access the Website, and usage details.

We collect this information:

  • Directly from you when you provide it to use.
  • Automatically as you navigate through the Website. Information collected automatically may include usage details, IP addresses, and information collected through cookies, web beacons, and other tracking technologies.
  • From third parties, for example, our business partners.

Information You Provide to Us

The information we collect through the Website may include:

  • Information that you provide by filling in forms on our Website. This includes information provided at the time of registering to use our Website, opening an account, or signing up for other services. We may also ask you for information when you report a problem with the Website.
  • Records and copies of your communications with us.
  • Your responses to surveys that we may ask you to complete for research purposes.
  • Contact information you provide when you elect to receive electronic statements, notices or disclosures (go paperless) or change your contact preferences.
  • Your email address, username, the last four digits of your social security number, answers to your security questions, and other account information used to verify your identity before executing your request to reset your password.
  • Information from your computer, or your smartphone, tablet or other mobile device (collectively, "devices").

Information We Collect Through Automatic Data Collection Technologies

As you navigate through and interact with the Website and third party links on the Website, we and third parties, including our affiliates and non-affiliated third party services providers (collectively, our "service providers"), may use automatic data collection technologies to collect non-personal information about your equipment, browsing actions, and patterns, including:

  • Details of your visits to our Website, including traffic data, location data, logs, and other communication data and the resources that you access and use on the Website.
  • Information about your computer and internet connection, including your IP address, operating system, and browser type.

We also may use these technologies to collect information about your online activities over time and across third-party websites or other online services (behavioral tracking). Click here www.wafdbank.com/privacy-center#ccpa-request for information on how you can opt out of behavioral tracking on this Website and how we respond to web browser signals and other mechanisms that enable consumers to exercise choice about behavioral tracking.

Non-personal information may be aggregated in our server logs for various purposes, including collection of device event information such as browser crashes, system activity and referral website URL.

The information we collect automatically helps us to improve the Website and to deliver a better and more personalized service, including by enabling us to:

  • Estimate our audience size and usage patterns.
  • Store information about your preferences, allowing us to customize the Website according to your individual interests.
  • Speed up your searches.
  • Recognize when you return to the Website.

How We Use the Information We Collect

We may use information that we collect about you or that you provide to us, including any personal information:

  • To present our Website and its contents to you.
  • To provide you with information, products, or services that you request from us.
  • To fulfill any other purpose for which you provide it.
  • To provide you with notices about your account.
  • To carry out our obligations and enforce our rights arising from any contracts entered into between you and us.
  • To notify you about changes to the Website or any products or services we offer through it.
  • In any other way we describe when you provide the information.
  • For any other purpose with your consent.
  • To conduct transactions, surveys, research, marketing, data analysis and enrichment.

How We Disclose the Information We Collect

We may disclose aggregated information about our users without restriction. All financial institutions need to share customer information for their everyday business purposes. In addition to such business purposes, we may disclose personal information and non-personal information that we collect or you provide as described in this Policy:

  • To our subsidiaries and affiliates (i.e., companies related to us by common ownership or control).
  • To our contractors, service providers, and other third parties we use to support our business.
  • To other financial institutions that jointly offer, endorse or sponsor financial products or services with us.
  • To other individuals or entities, when we believe that disclosure is necessary to report suspicious activities, prevent physical harm, financial loss, or violations of our agreements and policies.
  • To regulators and other organizations or individuals who are legally entitled to receive such information.
  • To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of WaFd's assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us about our Website users is among the assets transferred.
  • To fulfill the purpose for which you provided it.
  • For any other purpose disclosed by us when you provide the information.
  • With your consent.
  • To comply with any court order, law, or legal process, including to respond to any government or regulatory request.
  • To enforce or apply any other policies and notices linked on the Website.
  • If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of WaFd, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction. However, we do not sell personal information or sensitive personal information to third parties.

Third-Party Sites and Services

Our online services may contain links to third-party websites and other online services, which are not governed by this Policy. As such, we encourage you to learn about the privacy and security practices of those third parties. We are not responsible for the privacy or security of such websites and other online services, nor the online collection, use or sharing of personal or non-personal information by third parties.

Mobile Security

WaFd has implemented mobile security standards and practices to protect the privacy of your personal information. The WaFd apps; Zelle®; and Mobile Deposit present "Blind Data." This means our mobile services do not present full names, Social Security Numbers, or other personal information. Account numbers are truncated, and Mobile Deposit does not store check images in persistent memory.

E-Mail Privacy

WaFd will never ask for personal information through unencrypted e-mail. E-mail is not a secure method for sending sensitive personal or financial information including:

  • Social Security Numbers
  • Account Numbers
  • Loan Numbers
  • Driver License or State ID Numbers

If you need to send sensitive information to WaFd Bank, please contact or visit your local branch or office to learn more about our secure e-mail encryption portal.

Online Authentication

When you obtain one of our products or services online, or register for or use one of our online services, you may be required to perform an online authentication process. Some of these processes utilize third party information services to verify your identity. For example, you may be asked to confirm details about a previous financial transaction (e.g., the amount of your monthly payment to a third party). The information that you provide in response to such questions will be used for the sole purpose of verifying your identity, and will not affect your credit rating or credit file. Our online authentication processes may collect a unique device identifier, IP address, and related data associated with your mobile device, and/or use cookies, tags and JavaScript, to identify the computer or mobile device or browser that you are using to access our site. These processes are used to protect both you and us from fraud and unauthorized transactions.

Accuracy of Your Information

The accuracy of your account and other personal information is important. If you have a financial product or service with us and you find that any personal information we have or have reported to another party does not appear to be accurate, please contact us as follows:

WaFd Bank
Attn: Client Care Center
9929 Evergreen Way
Everett, WA 98204

Please include your account number, if available.

Social Media

WaFd Bank participates in social media platforms, such as Facebook®, X® and LinkedIn®, which enable online sharing and collaboration among their users. Any information or other content you post on these platforms, such as pictures, opinions or personal information, is subject to the platforms' terms of use and privacy and security policies; please refer to their policies to better understand your rights and obligations with regard to such content.

Protecting Children's Online Privacy

In accordance with the Children's Online Privacy Protection Act, we do not knowingly collect personal information from children (i.e., persons under age 13). We do not knowingly collect, store, use or share personal information about children, unless the information has been provided by an adult in connection with the opening of a deposit account for or with the child. We do not accept applications directly from children, and will not send unsolicited promotions to users who indicate they are less than 13 years of age except in connection with an account opened by an adult. This does not prevent parents from opening deposit accounts on behalf of their children. We will obtain parental consent prior to the creation of an account on behalf of a child.

Your State Privacy Rights

State consumer privacy laws may provide their residents with additional rights regarding our use of their personal information. If you are a resident of California, please review our www.wafdbank.com/privacy-center#ccpa-notice to learn more about the additional rights granted to you under the California Consumer Protection Act.

Visitors Residing Outside the United States

If you visit or use our online services, your personal and non-personal information may be collected, stored, used and processed in and transferred to, from and within the United States. In such instances, applicable U.S. federal and state laws shall govern. If you are a non-U.S. resident, such laws may not provide the same level of protection as the laws of the country of your residence.

Changes to Our Privacy Policy

We reserve the right to update this Policy from time to time to comply with applicable laws and to reflect changes in our online services. For this reason, we encourage you to periodically review this Policy. If we make changes to this Policy, we will revise the "Effective/Revised" date shown at the top of the Policy and post the revised Policy on the Website and through our other online services. The changes will become effective when we post the revised Policy. Your visit or use of any of our websites or other online services following such posting means that you accept the revised Policy.

Contact Us

If you have any questions or comments regarding our Privacy Policy, please contact us at:

WaFd Bank
Attn: Legal Department
425 Pike Street
Seattle, WA 98101

CALIFORNIA CONSUMER PRIVACY ACT NOTICE

file-pdfPrinter friendly version of CCPA Notice

APPLICABILITY

Your privacy is important to us. This California Consumer Privacy Act Notice (this "CCPA Notice") supplements the information contained in our www.wafdbank.com/privacy-center#privacy-policy and Consumer Privacy Policy. It also explains how Washington Federal Bank ("we", "us", or "WaFd Bank") collects, uses, and discloses the personal information of California residents pursuant to the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (collectively, the "CCPA"). This CCPA Notice is provided pursuant to the CCPA.

BACKGROUND

Under the CCPA, "Personal Information" is information that identifies, relates to, or could reasonably be linked directly or indirectly with a particular California resident and includes certain categories of Personal Information discussed below that constitute "Sensitive Personal Information". The specific Personal Information that we collect, use, and disclose relating to a California resident covered by the CCPA will vary based on our relationship or interaction with that individual.

It is important to note that Personal Information does not include: (i) publicly available information from government records; (ii) deidentified or aggregated consumer information; or (iii) information excluded from the CCPA's scope, including personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (the "FCRA"), the Gramm-Leach-Bliley Act (the "GLBA") or California Financial Information Privacy Act (the "FIPA"), and the Driver's Privacy Protection Act of 1994. For example, information that we collect about California residents who apply for or obtain our financial products and services for personal, family, or household purposes fall under the scope of the GLBA, rather than the CCPA. For more information about how we collect, disclose, and secure information relating to these consumers, please refer to our www.wafdbank.com/privacy-center#privacy-policy.

Keeping Personal Information secure is one of our most important priorities. Consistent with our obligations under applicable laws and regulations, we maintain physical, technical, electronic, procedural, and organizational safeguards and security measures that are designed to protect personal data against accidental, unlawful, or unauthorized destruction, loss, alteration, disclosure, or access, whether it is processed by us or elsewhere.

PERSONAL INFORMATION WE COLLECT

Personal Information: In the past 12 months, we have collected the following categories of Personal Information:

CategoryExamplesCollected
A. Identifiers.A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver's license number, passport number, or other similar identifiers.YES
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).

A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.

Some Personal Information included in this category may overlap with other categories.

YES
C. Protected classification characteristics under California or federal law.Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).YES
D. Commercial information.Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.YES
E. Biometric information.Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.YES
F. Internet or other similar network activity.Browsing history, search history, information on a consumer's interaction with a website, application, or advertisement.YES
G. Geolocation data.Physical location or movements.YES
H. Sensory data.Audio, electronic, visual, thermal, olfactory, or similar information.YES
I. Professional or employment-related information.Current or past job history or performance evaluations.YES
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.YES
K. Inferences drawn from other personal information.Profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.YES

Sensitive Personal Information: Personal Information that reveals any of the information listed in the categories in the table below constitutes "Sensitive Personal Information". In the past 12 months, we have collected the following categories of Sensitive Personal Information:

CategoryCollected
A. Social security, driver's license, state identification card, or passport number.YES
B. Account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account.YES
C. Precise geolocation.YES
D. Racial or ethnic origin, religious or philosophical beliefs, or union membership.YES
E. Contents of a consumer's mail, email, and text messages unless the business is the intended recipient of the communication.NO
F. Genetic data.NO
G. The processing of biometric information for the purpose of uniquely identifying a consumer.YES
H. Personal Information collected and analyzed concerning a consumer's health.NO
I. Personal Information collected and analyzed concerning a consumer's sex life or sexual orientation.NO

PERSONAL INFORMATION SOURCES

The categories of sources from whom we collected the Personal Information and Sensitive Personal Information listed above include the following:

  • Directly from you or an authorized agent or family member, through direct interactions and forms
  • Service Providers and other third parties (e.g., credit bureaus or mortgage brokers)
  • Directly and indirectly from activity on our Website, Mobile App, or Social Networks
  • Through passive collection of information about your interactions, including page clicks, time spent, or other automatically collected meta-data Internet cookies
  • Government Agencies and other publicly available sources

USE OF PERSONAL INFORMATION

We may use or disclose the Personal Information we collect for one or more of the following business purposes:

  • To provide you with information, products, loans, or services that you request from us, including maintaining or servicing accounts, providing customer service, processing transactions, verifying customer identity, processing payments, or providing similar services
  • Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity
  • To maintain, improve, upgrade, or enhance our products and services
  • To carry out our obligations and enforce our rights arising from any contracts entered between you and us, including billing and collections
  • Complying with laws and regulations and to comply with other legal process and law enforcement requirements (including any internal policy based on or reflecting legal or regulatory guidance, codes, or opinions)

SHARING PERSONAL INFORMATION

We may share your Personal Information and Sensitive Personal Information by disclosing it to a third party for a business purpose. In the preceding twelve (12) months, we have disclosed Personal Information and Sensitive Personal Information for a business purpose to the categories of third parties indicated in the charts below. We do not sell Personal Information or Sensitive Personal Information. In the preceding twelve (12) months, we have not sold the following categories of Personal Information or Sensitive Personal Information to the categories of third parties indicated in the charts below.

Personal Information:

Personal Information CategoryCategories of Third-Party Recipients and Business Purpose Disclosures
A: Identifiers.Vendors and Service Providers who provide services such as website hosting, data analysis, payment, account opening and transaction processing, check order fulfillment, customer service, email delivery, auditing, regulatory compliance and marketing; governmental entities for regulatory compliance purposes
B: California Customer Records Personal Information categories.Vendors and Service Providers who provide services such as website hosting, data analysis, payment, account opening and transaction processing, check order fulfillment, customer service, email delivery, auditing, regulatory compliance and marketing; governmental entities for regulatory compliance purposes
C: Protected classification characteristics under California or federal law.Vendors and Service Providers who provide services such as compliance monitoring, data analysis, payment processing, account opening and transaction processing, customer service, auditing, and marketing; governmental entities for regulatory compliance purposes
D: Commercial information.Vendors and Service Providers who provide services such as compliance monitoring, website hosting, data analysis, customer service, email delivery, auditing, regulatory compliance and marketing; governmental entities for regulatory compliance purposes
E: Biometric information.Vendors and Service Providers who provide services such as website hosting, data analysis, identity verification, account opening and transaction processing, customer service, email delivery, auditing, regulatory compliance and marketing; governmental entities for regulatory compliance purposes
F: Internet or other similar network activity.Vendors and Service Providers who provide services such as website hosting, data analysis, identity verification, account opening and transaction processing, customer service, email delivery, auditing, regulatory compliance and marketing; governmental entities for regulatory compliance purposes
G: Geolocation data.Vendors and Service Providers who provide services such as website hosting, data analysis, account opening customer service, auditing, and marketing
H: Sensory data.Vendors and Service Providers who provide services such as website hosting, data analysis, customer service, and identity verification
I: Professional or employment-related information.Vendors and Service Providers who provide services such as website hosting, data analysis, payment, account opening and transaction processing, customer service, email delivery, auditing, and marketing; governmental entities for regulatory compliance purposes
J: Non-public education information.We do not share this category of information
K: Inferences drawn from other personal information.Vendors and Service Providers who provide services such as website hosting, data analysis, customer service, auditing, and marketing, identity verification, risk management, regulatory compliance; governmental entities for regulatory compliance purposes

Sensitive Personal Information:

Personal Information CategoryCategories of Third-Party Recipients and Business Purpose Disclosures
A. Social security, driver's license, state identification card, or passport number.Vendors and Service Providers who provide services such as payment processing, client onboarding and transaction processing, customer service, identity verification, email delivery, auditing, regulatory compliance and marketing; governmental entities for regulatory compliance purposes
B. Account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account.Vendors and Service Providers who provide services such as online and mobile banking, identity verification, data analysis, payment processing, account opening and transaction processing, check order fulfillment, customer service, regulatory compliance and auditing; governmental entities for regulatory compliance purposes
C. Precise geolocation.We do not share this category of information
D. Racial or ethnic origin, religious or philosophical beliefs, or union membership.Governmental entities for regulatory compliance purposes
E. Contents of a consumer's mail, email, and text messages unless the business is the intended recipient of the communication.We do not collect this category of information
F. Genetic data.We do not collect this category of information
G. The processing of biometric information for the purpose of uniquely identifying a consumer.Vendors and Service Providers who provide services such as data analysis, identity verification, payment processing, transaction processing, customer service, auditing, and marketing
H. Personal Information collected and analyzed concerning a consumer's health.We do not collect this category of information
I. Personal Information collected and analyzed concerning a consumer's sex life or sexual orientation.We do not collect this category of information

YOUR RIGHTS UNDER THE CCPA

The CCPA provides California residents with specific rights regarding their Personal Information. This section describes your CCPA rights and explains how to exercise those rights.

Right to Know: You have the right to request that we disclose certain information to you about our collection and use of your Personal Information over the past 12 months. Once we receive your request and confirm your identity (see Exercising Your Rights to Know, Delete, and Correct), we will disclose to you:

  • The specific pieces of Personal Information we collected about you (also called a data portability request)
  • The categories of Personal Information we collected about you
  • The categories of sources for the Personal Information we collected about you
  • The Personal Information categories sold or shared, if any, and the categories of third parties purchasing or receiving that Personal Information
  • The Personal Information categories disclosed for a business purpose, if any, and the categories of persons receiving the Personal Information
  • Our business or commercial purpose for collecting, selling, or sharing that Personal Information

Right to Delete: You have the right to request that we delete any of your Personal Information that we collected from you and retained, subject to certain exceptions. Once we receive your request and confirm your identity (see Exercising Your Rights to Know, Delete, and Correct), we will review your request to see if an exception allowing us to retain the information applies. We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:

  • Complete the transaction for which the Personal Information was collected, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, provide a good or service requested by you, or reasonably anticipated by you within the context of our ongoing business relationship with you, or otherwise perform a contract you have entered into with us.
  • Help ensure security and integrity to the extent the use of your Personal Information is reasonably necessary and proportionate for those purposes.
  • Debug products to identify and repair errors that impair existing intended functionality.
  • Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
  • Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).
  • Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information's deletion may likely render impossible or seriously impair the research's achievement, if you previously provided informed consent.
  • Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
  • Comply with a legal obligation.

Right to Correct: You have the right to request that we correct any inaccuracies in your Personal Information we hold about you, considering both the Personal Information's nature and processing purposes. Upon receiving your request (see Exercising Your Rights to Know, Delete, and Correct), we will use commercially reasonable efforts to:

  • Correct the Personal Information on our existing systems or alternatively, delete the contested Personal Information if the deletion does not negatively impact you or if you consent to such deletion.

Right to Opt-Out: You have the right to prevent the sale and sharing of your Personal Information to third parties at any time by requesting that we stop doing so (see Exercising Your Rights to Opt-Out).

Right to Limit Sensitive Personal Information: You have the right to limit how we use and disclose your Sensitive Personal Information by requesting that we restrict our use and disclosure of such Sensitive Personal Information to the "Permitted Sensitive Personal Information Purposes", which allow us to collect, use, and disclose Sensitive Personal Information for the following purposes, even after you exercise your limitation rights:

  • To perform services or provide goods that an average consumer requesting those goods or services would reasonably expect.
  • To prevent, detect, and investigate security incidents compromising Personal Information.
  • To resist malicious, deceptive, fraudulent, or illegal actions directed at our business and to prosecute those responsible for those actions.
  • To ensure individuals' physical safety.
  • For short-term, transient use, including, but not limited to, non-personalized advertising shown as part of your current interaction with us, so long as we do not:

    • disclose your Sensitive Personal Information to another third party; or
    • use it to build a profile about you or otherwise alter your experience outside your current interaction with us.
  • To perform services for the business, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing analytic services, providing, storage, or providing similar services for the business.
  • For products, services, or devices that we own, manufacture (directly or indirectly), or control, to:

    • verify or maintain the quality or safety of the product, service, or device; or
    • improve, upgrade, or enhance the service or device.
  • For purposes that do not infer characteristics about you.

Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:

  • Deny you goods or services.
  • Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
  • Provide you a different level or quality of goods or services.

EXERCISING YOUR RIGHTS

Right to Know, Delete, and Correct: To exercise your rights to know, delete, or correct described above, please submit a request by either:

Right to Opt-Out: To exercise your right to opt-out, please submit a request by either:

Right to Limit Sensitive Personal Information: To exercise your right to limit Sensitive Personal Information, please submit a request by either:

Submission and Response

Once you have submitted a request, we will acknowledge receipt of your request and advise you how long we expect it will take to respond if we are able to verify your identity. Also, we may ask you to describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it. Only you or a person that you authorize to act on your behalf, may make a Verifiable Consumer Request, as defined in the CCPA, related to your Personal Information. You may also make a Verifiable Consumer Request on behalf of your minor child.

We cannot respond to your request or provide you with Personal Information if we cannot verify your identity or authority to make the request and confirm the Personal Information relates to you. Additionally, we will not honor your request where an exception applies, such as where the disclosure of Personal Information would adversely affect the rights and freedoms of another consumer or where the Personal Information that we maintain about you is not subject to the CCPA's access or deletion rights. We will advise you in our response if we are not able to honor your request. We will not provide social security numbers, driver's license numbers or government issued identification numbers, financial account numbers, account passwords or security questions and answers, or any specific pieces of information if the disclosure presents the possibility of unauthorized access that could result in identity theft or fraud or unreasonable risk to data or systems and network security.

Making a Verifiable Consumer Request does not require you to create an account with us. We will only use Personal Information provided in a Verifiable Consumer Request to verify the requestor's identity or authority to make the request.

We commit to respond to a Verifiable Consumer Request within 45 days of its receipt. If we require more time (up to a total of ninety (90) days), we will inform you of the reason and extension period in writing.

Authorized Agent

You may authorize an agent to exercise your rights on your behalf. When a request is submitted by an authorized agent, WaFd Bank will require the requestor to: (i) provide the authorized agent's written permission to do so; and (ii) will require the requestor to verify their own identity directly with WaFd Bank. If WaFd Bank is unable to verify the identity of the requestor or does not receive proof from the authorized agent that the requestor authorized the agent to act on the requestor's behalf, the request will be denied.

CHANGES TO THIS CCPA NOTICE

WaFd Bank may make periodic changes to this CCPA Notice. When these changes occur, we will post the new CCPA Notice on our website and change the "Last Updated" date. When appropriate, we may notify you through other means.

CONTACT FOR MORE INFORMATION

If you have any questions about this policy, please contact us at:

E-mail: privacy@wafd.com
Address: 425 Pike Street, Seattle, WA 98101
Toll Free Number: 800-324-9375

Last Updated: November, 2023

California Consumer Privacy Act (CCPA) Request

exclamation-triangle
CCPA requests may only be submitted for California residents.

California Consumer Privacy Act Notice at Collection

file-pdfPrinter friendly version of Protecting Your Privacy

Washington Federal Bank ("we", "us", or "WaFd Bank") is collecting your personal information and sensitive personal information to support its business operations, including for the business purposes listed in the chart below.

We do not sell personal information, including any sensitive personal information. To view our full Privacy Policy, visit www.wafdbank.com/privacy-center#privacy-policy. You may also review and download our California Consumer Privacy Act Notice, which applies to California residents, by visiting www.wafdbank.com/privacy-center#ccpa-notice.

We may collect the personal information and sensitive personal information categories listed in the tables below. The tables also list, for each category, our expected retention period, use purposes, and whether we sell the information or share it with third parties for cross-context behavioral advertising.

As to all information collected as disclosed in this notice, WaFd does not retain Personal Information or Sensitive Personal Information for each disclosed purpose for which the Personal Information was collected for longer than is reasonably necessary for that purpose or as required by law.

Personal Information CategoryBusiness PurposeSold or Shared For Cross-Context Behavioral Advertising
Identifiers, such as real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver's license number, passport number, or other similar identifiers.
  • Offering financial products or services
  • Marketing efforts
  • Verifying consumer identities
  • Regulatory compliance
Not Sold or Shared
California Customer Records personal information, which includes a name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.
  • Offering financial products or services
  • Marketing efforts
  • Verifying consumer identities
  • Regulatory compliance
Not Sold or Shared
Protected classification characteristics under California or federal law, such as age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, reproductive health decision-making, military and veteran status, or genetic information (including familial genetic information).
  • Offering financial products or services
  • Verifying consumer identities
  • Regulatory compliance
Not Sold or Shared
Commercial information, such as records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
  • Offering financial products or services
  • Verifying consumer identities
  • Regulatory compliance
Not Sold or Shared
Biometric information, such as genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.
  • Offering financial products or services
  • Verifying consumer identities
  • Regulatory compliance
  • Detecting/preventing security incidents
Not Sold or Shared
Internet or other similar network activity, such as browsing history, search history, information on a consumer's interaction with a website, application, or advertisement.
  • Offering financial products or services
  • Verifying consumer identities
  • Regulatory compliance
  • Detecting/preventing security incidents
Not Sold or Shared
Geolocation data, such as physical location or movements.
  • Offering financial products or services
  • Verifying consumer identities
  • Regulatory compliance
  • Detecting/preventing security incidents
  • Fraud detection
Not Sold or Shared
Sensory data, such as audio, electronic, visual, thermal, olfactory, or similar information.
  • Offering financial products or services
  • Verifying consumer identities
  • Regulatory compliance
  • Detecting/preventing security incidents
  • Monitoring customer service
Not Sold or Shared
Professional or employment-related information, such as current or past job history or performance evaluations.
  • Offering financial products or services
  • Verifying consumer identities
  • Regulatory compliance
  • Detecting/preventing security incidents
Not Sold or Shared
Non-public education information, which may include education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.Verifying consumer identitiesNot Sold or Shared
Inferences drawn from other personal information, such as a profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
  • Offering financial products or services
  • Marketing efforts
Not Sold or Shared

Sensitive personal information is a subtype of personal information consisting of specific information categories. We may collect or use information that falls within the sensitive personal information categories listed in the table below to infer characteristics about a person.

Sensitive Personal Information CategoryBusiness PurposeSold or Shared For Cross-Context Behavioral Advertising
Government identifiers, such as your Social Security number, driver's license, state identification card, or passport number.
  • Offering financial products or services
  • Marketing efforts
  • Verifying consumer identities
  • Regulatory compliance
Not Sold or Shared
Complete account access credentials, such as user names, account numbers, or card numbers combined with required access/security code or password.
  • Offering financial products or services
  • Marketing efforts
  • Verifying consumer identities
  • Regulatory compliance
Not Sold or Shared
Precise geolocation, such as your physical location within a small area (1,850 feet radius).
  • Offering financial products or services
  • Marketing efforts
Not Sold or Shared
Racial or ethnic origin.
  • Regulatory compliance
Not Sold or Shared
Religious or philosophical beliefs.We do not collect this category of information
Union membership.We do not collect this category of information
Mail, email or text message contents not directed to us.We do not collect this category of information
Genetic data.We do not collect this category of information
Unique biometric information used for identification.
  • Offering financial products or services
  • Verifying consumer identities
  • Regulatory compliance
  • Detecting/preventing security incidents
Not Sold or Shared
Health information.We do not collect this category of information
Sex life, or sexual orientation information.We do not collect this category of information

If you have any questions about this Notice or need to access it in an alternative format due to having a disability, please contact us at privacy@wafd.com or 800-324-9375.

Last Updated: November, 2023

arrow-to-top