M1 Financial Privacy Policy

Please read this Privacy Policy carefully.

M1 Financial (“M1”, “we”, “us”, and “our”), is committed to ensuring the security and protection of the personal information that we collect. This Privacy Policy includes (a) our products or services and processes, which may result in the collection of personal data; (b) the purpose for processing personal data; (c) the persons or entities with whom we share personal data; and (d) how long we maintain personal data. This Privacy Policy applies to:

  • All information we collect through the products, equipment, events, promotions, surveys, contests and all other services (collectively, the “Services”) provided on our websites, our applications and platforms, including mobile applications, any affiliated or non-affiliated third party sites, and all social media platforms (collectively, the “Sites”); and
  • All current, potential and former customers, customers’ employees, independent contractors, vendors, third parties and/or any other person whose personal data we have collected electronically, in person or otherwise.

Special Note: The Sites are general audience sites and are not designed or intended to target children younger than 16. We do not knowingly target or collect personal information from any person younger than 16.

What Information Do We Collect?

Information We Collect Automatically. If you use the Sites, read or download information, your web or mobile browser may automatically send us your internet or other network activity including one or more of the following (collectively, “Network Information”):

  • Your internet protocol (IP) address, registration date, and one or more cookies that may uniquely identify your browser;
  • Your internet domain and the specific path, actions and navigation choices;
  • The internet address of the site from which you linked the Sites, and the time and date you accessed the Sites;
  • Your browsing history, search history, information on your interaction with the Sites or other websites and applications or advertisements; and
  • Your browser software, operating system and browser language, and information about your location and mobile device, including a unique identifier for the mobile device.

Why We Collect: We collect this information for business and commercial purposes, including in order to:

Maintain or analyze the functioning of the Sites or Services and to maintain network communications;

Monitor and analyze web traffic and online behavior for search engine optimization and social media marketing;

Host data files that enable the Sites to function, be distributed, and to provide specific features or parts of the Sites;

To create, maintain, customize, secure, and manage your accounts with us, including for accounting, finance, and dispute resolution purposes (such as accounts receivable, accounts payable, account reconciliation, cash management, or money movement) and for consolidated management and reporting;

To personalize your experience on the Sites and to deliver content and Services relevant to your interests and requests through our Sites (with your consent as required by law);

To process your requests, purchases, transactions, and payments and to prevent financial fraud and other illicit activity;

For testing, research analysis, and product development, including to develop and improve the Sites and Services.

Initiate, assess, develop, maintain, or expand a business relationship, including negotiating, contracting, and fulfilling obligations under contracts;

Manage a database of email information, phone information or other information and send transactional communications (such as requests for information, responses to requests for information, orders, confirmations, training, and service updates);

Assure quality control and to enforce M1’s standards and policies;

Manage security, including monitoring individuals with access to the Sites, applications, systems, or facilities, investigation of threats, and as needed for any data security breach notification;

Manage relationships with current and potential customers and for marketing purposes, including sending marketing, promotional, product and service, and customer communications and surveys and other communications to individuals who have not objected to receiving such communications;

Anonymize or de-identify the personal information;

View and incorporate content hosted on external sites;

Respond to law enforcement requests and as required by applicable law, court order, or governmental regulations; and

Process payment information and transactions.

Information You Give To Us and Information We Collect From Others. If you are a customer, or you otherwise use or purchase our Services, we receive and store information you enter on the Sites, or that you give us in-person, via telephone, email, or otherwise. We may also collect personal information from third parties that operate (a) portions of the Sites on our behalf or (b) independent websites. When we obtain personal data from third parties, we will treat the acquired information like the information that we collect ourselves. Depending on the Services we provide to customers and/or the services being provided to us by other third parties, we may collect (and over the previous 12 months have collected) the following information about you from you and/or others:

  • Network Information
  • Personal information and identifiers, such as name, postal address, email address, telephone numbers, account name, social security number, driver’s license or state identification card number, passport number or other similar information, physical characteristics or description, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information (collectively, “Personal Information and Identifiers”);
  • Protected classification information, such as race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), veteran or military status, sexual orientation or other similar information (collectively, “Protected Class Information”);
  • Commercial information, such as the Services purchased, obtained or considered, or other purchasing or consuming histories (collectively, “Commercial Information”);
  • Biometric and identifying information, such as fingerprints, faceprints, voiceprints, iris or retina scans, keystroke, gait or other physical patterns, and sleep, health or exercise data, genetic, physiological, behavioral and biological information or other similar information (collectively, “Biometric Information”);
  • Sensory data, such as audio, electronic, visual, thermal, olfactory or similar information (collectively, “Sensory Information”);
  • Geolocation data, such as physical location or movements (collectively, “Geolocation Information”);
  • Professional or employment-related information, such as work history and job descriptions with current and prior employers (collectively, “Employment Information”); and
  • Education information, such as student financial information, grades, transcripts, class lists and other records related to a student maintained by an educational institution or party acting on its behalf (collectively, “Education Information”).

Why We Collect: We collect this information for business and commercial purposes, including in order to:

To create, maintain, customize, secure, and manage your account with us, including for accounting, finance, and dispute resolution purposes (such as accounts receivable, accounts payable, account reconciliation, cash management, or money movement) and for consolidated management and reporting;

To personalize your experience on the Sites and to deliver content and Services relevant to your interests and requests through our Sites (with your consent as required by law);

To process your requests, purchases, transactions, and payments and to prevent financial fraud and other illicit activity;

For testing, research analysis, and product development, including to develop and improve the Sites and Services.

Initiate, assess, develop, maintain, or expand a business relationship, including negotiating, contracting, and fulfilling obligations under contracts;

Perform due diligence regarding an individual’s qualifications and eligibility for the Services, including verifying the identity, qualification, authority, and creditworthiness of the individual and obtaining publicly-available information from third parties (such as publicly-available sanction lists from screening companies);

Manage a database of email information, phone information or other information and send transactional communications (such as requests for information, responses to requests for information, orders, confirmations, training, and service updates);

Assure quality control and to enforce M1’s standards and policies;

Manage and mitigate risk, including for audit and insurance functions, and as needed to meet our obligations and to protect assets;

Manage security, including monitoring individuals with access to the Sites, applications, systems, or facilities, investigation of threats, and as needed for any data security breach notification;

Monitor and analyze web traffic and online behavior for search engine optimization and social media marketing;

Host data files that enable the Sites to function, be distributed, and to provide specific features or parts of the Sites;

Manage relationships with current and potential customers and for marketing purposes, including sending marketing, promotional, product and service, and customer communications and surveys and other communications to individuals who have not objected to receiving such communications;

Anonymize or de-identify the personal information;

View and incorporate content hosted on external sites;

Respond to law enforcement requests and as required by applicable law, court order, or governmental regulations; and

Process payment information and transactions.

How We Collect Information From Customers. Pursuant to our agreements with customers, and in order to perform and provide the Services thereunder, our customers may provide us with information about their clients, employees and contractors when using the Sites or Services.

Special Note for Clients, Employees and Contractors of Customers: If you are a client, employee or contractor of a customer that uses the Services, please refer to the applicable customer’s privacy policy, which applies to the collection, use, processing and retention of your personal information. Under applicable privacy laws we are a data processor and the customer will remain the data controller at all times.

How We Collect Information From Other Third Parties. We may use cookies to recognize you when you return to the Sites in order to provide you with a better user experience. We also allow our affiliates and third-party vendors to use cookies on our Sites; some of these parties may use cookies in ways that we do not. You may refuse to accept cookies by activating the setting on your browser which allows you to refuse the setting of cookies. However, if you select this setting you may be unable to access certain parts of the Sites. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you log on to our Sites.

Facebook, Instagram, & Google. Technologies like cookies, pixel tags, device or other identifiers and local storage are used to deliver, secure, and understand products, services, and ads, on and off Facebook, Instagram, Twitter, LinkedIn, YouTube, and related social media platforms. They also are used to gather information for remarketing to similar audiences on our Sites. Because of this, third-party vendors, including Google, show our ads on sites across the internet. This technology allows third-party vendors, including Google, to use cookies to serve ads based on someone’s past visits to our Sites. You may opt out of Google’s use of cookies by visiting Google’s Ads Settings. You may also opt out of a third-party vendor’s use of cookies by visiting the Network Advertising Initiative opt-out page.

Do We Share Information With Third Parties?

Over the previous 12 months, we have shared the following categories of personal information with third parties: Personal Information and Identifiers, Protected Classification Information, Commercial Information, Biometric Information, Network Information, Sensory Information, Geolocation Information, Employment Information, and Education Information.

We will not disclose your personal information to third parties except to provide you with information or services you request, deliver our Services that include your personal information, or under certain circumstances as described in this Privacy Policy , including:

Your Consent. We may share personal data with your consent.

Disclosure For Legal Reasons. We may release personal data to third parties: (1) to comply with valid legal requirements such as a law, regulation, search warrant, subpoena or court order; or (2) in special cases, such as a physical threat to you or others, a threat to homeland security, a threat to our system or network, or cases in which we believe it is reasonably necessary to investigate or prevent harm, fraud, abuse, or illegal conduct. We may also disclose personal data where needed to affect the sale or transfer of business assets, to enforce our rights, protect our property, or protect the rights, property or safety of others, or as needed to support external auditing, compliance and corporate governance functions.

Agents & Contractors. Our contractors sometimes have access to your personal data in the course of assisting in the operation of our business and providing Services to you. These contractors include vendors and suppliers that provide us with technology, services, and/or content for the operation and maintenance of the Sites and the Services. Access to your personal information by these contractors is limited to the information reasonably necessary for the contractor to perform its limited function.

Links To Other Sites. The Sites may contain links to other websites and resources located on servers maintained by third parties. These links are provided for your convenience and information only and, as such, you access them at your own risk. When you click on one of those links, we will not provide any personal information about you, but may let the site know that you came from M1’s Sites. We do not control the privacy practices and policies of other sites. Please read their privacy policies in order to understand what information they collect about you and how they use it.

Aggregated, Non-Personal Information. We may share aggregated, non-personal information about you with third parties. This is information that is combined with the non-personal information of other users and does not allow you to be identified or contacted. Depending on the circumstances, we may or may not charge third parties for this aggregated information. We also may not limit the third parties' use of the aggregated information.

Changes In Our Corporate Structure. If all or part of M1 is merged, acquired or otherwise transferred to another entity, the personal data you have provided to us may be transferred as part of that transaction. We will take steps to ensure that any personal data that is transferred will not be used or shared in a manner inconsistent with this Privacy Policy, as it may be amended.

Does M1 Sell Your Personal Information?

No. Although M1 shares data with third parties as outlined in in this Privacy Policy, M1 does not sell any of your personal information to any third party.

How and Where Do We Process and Store Data?

Methods of Processing. The data processing is carried out in accordance with our privacy procedures and policies and using computers and/or related software and IT tools. In some cases, the data may be accessible to certain types of (i) internal parties in charge or involved with the operation of our Sites and Services (i.e., administration, legal, sales and marketing, etc.) or (ii) external parties who assist us in providing, operating, and maintaining our Sites and Services, (i.e., third-party technical service providers, mail carriers, hosting providers, communications agencies, etc.).

Third Party Processing. We assess and review each of our third party processers to ensure that they are in compliance with this Privacy Policy.

How Do We Protect Personal Data?

M1 protects data using administrative, technical, and physical safeguards. When we use third-party service providers, we ask those providers to implement similar safeguards. However, we cannot guaranty that your information is completely secure either within M1 or on the systems of third party service providers.

How Long Do We Keep Your Personal Data?

We retain personal data we collect from you when we have an ongoing legitimate business need to do so (i.e., to provide you with the Services you have requested or to comply with applicable legal requirements). When we no longer have an ongoing legitimate business need to process your personal information, we will physically destroy, delete or anonymize it or, if this is not possible, then we will securely store your personal data and isolate it from any further processing until deletion is possible.

California Residents

If you are a resident of California, please read the California Privacy Notice for more information regarding your privacy protections and privacy rights pursuant to the California Consumer Privacy Act of 2018.

How To Contact Us

If you have any questions regarding this Privacy Policy or exercising any of your privacy rights, please contact us at the telephone number, email address or mailing address listed below:

Telephone Number: 888-959-3500

Email Address: info@m1financial.com

Mailing Address: 10712 South 1300 East, Sandy, Utah 84094

Changes To This Privacy Policy

We reserve the right to amend this Privacy Policy at our discretion and at any time. When we make changes to this Privacy Policy, we will give notice to you via (i) the Sites or (ii), where feasible, and at our discretion, contact information available to us. We encourage you to periodically review this Privacy Policy so as to remain informed on how we are protecting your information.

California Residents

If you are a resident of California, please read the California Privacy Notice for more information regarding your privacy protections and privacy rights pursuant to the California Consumer Privacy Act of 2018.