PRIVACY NOTICE

This Privacy Notice describes our practices in connection with data that we collect through:

• Websites operated by us from which you are accessing this Privacy Notice;
• Software applications made available by us for use on computers and mobile devices ("apps") that link to this Privacy Notice;
• Our social media pages;
• Email messages that we send to you that link to this Privacy Notice; and
• If you are outside the U.S., communications and interactions we have with you.

SVB Wealth LLC (“SVBW”) and SVB Investment Services Inc. (“SVBIS”) are wholly-owned, non-bank subsidiaries of Silicon Valley Bank. If you are a client of our SVB Private Bank, SVBIS or SVBW, please click here for an additional privacy notice applicable to you.

If you are a California resident click here for the SVB California Privacy Rights Acts (CPRA) Notice. If you are a California resident who is also a client, other privacy notices will be made available to you or mailed to you. Please click here to exercise your do not share rights.

"Personal Data" is data that identifies you as an individual or relates to you as an identifiable individual. 

• Identity Data, including name, username, date of birth, gender, marital status, and title.
• Contact Data, including postal address, email address, and telephone numbers.
• Financial Data, including bank account and payment card details.
• Identification Data, such as Social Security number, driver's license or passport numbers.
• Transaction Data, including details about payments to and from your bank accounts and other details of products and services you have purchased from us.
• Device Data, including your Internet Protocol (IP) address, your login data, the domain and host names from which you access the Internet, the date and time you access our online properties, browser and operating system data and the Internet address of the site from which you linked to our website.
• Profile Data, including your username and password and your transactions, interests, communications and other preferences, feedback, and survey responses.
• Usage Data, including data about how you use our websites and apps, products, and services.
• Biometric data, including fingerprints, voice recordings or keystroke patterns.
• Derived device geolocation information, such as approximate geographic location inferred from an IP address.
• Marketing and Communications Data, including correspondence and other communications for the purposes of providing client support and your communication preferences.

Some of these may be considered Sensitive Personal Data depending on the impact it may have on your rights and interests. “Sensitive Personal Data” refers to Personal Data that is at a higher level of sensitivity where the unauthorized disclosure of this type of data may cause harm to the individual.

We may change your data in a way that makes it unrecognizable as your Personal Data, and it will no longer be considered Personal Data. To the extent that the data we collect is not considered Personal Data under applicable law, we may use and disclose it for other purposes.

Please do not send us any Sensitive Personal Data if you are not a client. This includes Social Security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background, or trade union membership.

If you disclose any Personal Data relating to other people (such as our clients' beneficial owners) to us, you represent that you have the authority to do so and to permit us to use the data in accordance with this Privacy Notice.

We collect Personal Data when you choose to provide it to us, such as when you apply to open an account with us and receive banking or other services for personal, family, or household purposes or on behalf of your employer. We also collect Personal Data when you sign up to use our services or receive our publications; request marketing material to be sent to you; complete a survey or questionnaire; contact customer service or otherwise communicate with us; or provide us with feedback.

We also collect certain Personal Data automatically from your interactions with our online properties, including:

• Through your browser or device. Certain data is collected by most browsers or automatically through your device, such as your Media Access Control (MAC) address, computer type, screen resolution, operating system name and version, device manufacturer and model, language, Internet Protocol (IP) address, and browser type and version. We use this data to ensure that our online services function properly. We may also derive your approximate location from your IP address.
• Through your use of our apps. When you download and use one of our apps, we may track and collect app usage data, such as the date and time the app on your device accesses our servers, in order to ensure that the app functions properly and to understand how it is used.
• Through the use of cookies and similar tracking technologies. If you interact with us online, you may encounter cookies. There will be a cookie notice you can read to learn how we use cookies and similar tracking technologies on our digital properties, including for analytics and advertising purposes. We do not currently respond to browser do-not-track signals.
• Physical Location. We may collect the physical location of your device by, for example, using satellite, cell phone tower, or Wi-Fi signals, for fraud prevention and in order to provide you with personalized location-based services and content. You may be able to manage the collection settings of your device's location.

In addition, we may receive your Personal Data from other sources, such as third parties and publicly available sources, including, for example, social media platforms, publicly available databases, government agencies, credit reference and financial crime prevention agencies, consumer reporting agencies, specialist data and research companies, and event or joint marketing partners.

We use Personal Data for the following purposes:

• Providing our products and services or fulfilling your requests.
  
  • To communicate with you and to share important notices;
  • To evaluate your or your employer's eligibility for products and services;
  • To provide you or your employer with products and services, including opening and maintaining your account; managing payments, fees, and charges; collecting amounts owed to us; processing your transactions; and providing you with related customer service;
  • To respond to your questions and fulfill your requests and otherwise manage our relationship with you or your employer;
  • To send administrative information to you, such as changes to our terms, conditions, and policies.
• Providing you with our newsletter or other marketing materials and other advertising.
  
  • To send you marketing related emails, with information about our services, products, and other SVB news. If you do not want to receive marketing materials, after opting in (if applicable), you may opt out of those marketing communications at any time by following the opt-out instructions contained in the marketing messages or by contacting us.
• Analyzing Personal Data for providing personalized content and improving services.
  
  • To analyze or predict users' preferences in order to improve our online services;
  • To better understand your interests and preferences, so that we can personalize our interactions with you and provide you with content, information, and offers that we believe will be relevant and interesting to you.
• Accomplishing our business purposes.
  
  • For data analysis, including to improve the efficiency of our digital services;
  • For audits, to verify that our internal processes function as intended;
  • To address legal, regulatory, or contractual requirements, including requirements intended to prevent money laundering;
  • To control risk of fraud and for security monitoring purposes, such as to detect and prevent cyberattacks or attempts to commit identity theft or other fraud;
  • For enhancing, improving, maintaining, or modifying our products and services, as well as undertaking quality and safety assurance measures;
  • For identifying and understanding usage trends;
  • For determining the effectiveness of our promotional campaigns, so that we can adapt our campaigns to the needs and interests of our existing and prospective clients;
  • For troubleshooting, testing, system maintenance and reporting.
• Sharing with service providers and subprocessors.
  
  • For any of the uses above, but also for services, analytics, data storage, security, or fraud prevention.

Most commonly, we will use your Personal Data in the following circumstances:

• Where we need to perform the contract we are about to enter into or have entered into with you.
• Where we need to comply with a legal or regulatory obligation.
• Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.

Generally, we do not rely on consent as a legal basis for processing your Personal Data. However, in relation to sending direct marketing communications to you, we may rely on legitimate interests or consent. If you do not want to receive marketing materials, you may opt out of those marketing communications at any time by following the opt-out instructions contained in the marketing messages or by contacting us.

We have set out in the table below a description of the ways we use your Personal Data and which of the legal bases we rely on to do so. We have also identified our legitimate interests, where appropriate. For individuals in China, we do not rely on legitimate interests, so our processing of your Personal Data will be based on your consent.

We may process your Personal Data on more than one lawful ground, depending on the specific purpose for which we are using your data. Please contact us if you would like details about the specific legal basis on which we rely, if more than one is set out in the table below.

We disclose Personal Data as follows:

With respect to Personal Data in China, when providing that data to other parties or transferring that data outside of China, except where required or permitted by law, we will not disclose your Personal Data without seeking and obtaining your separate consent, and will notify you of the recipient’s identity, contact information, the purpose and method of processing, the categories of Personal Data, the method and procedure to exercise your rights against the overseas recipient (if cross-border data transfer is involved).

For a list of affiliated and third-party service providers that SVB shares personal data with, along with more specific information, please email us at privacyoffice@svb.com.

Other Disclosures

We also disclose your Personal Information as necessary or appropriate, in particular when we have a legal obligation or legitimate interest to do so, as set out in further detail below.

We use reasonable organizational, technical, contractual and administrative measures to protect Personal Data within our organization. Unfortunately, no data transmission or storage system can be guaranteed secure. If you have reason to believe that your interaction with us is no longer secure, please immediately notify us in accordance with the "Contact Us" section below.

You may opt out of receiving marketing emails from us by following the opt-out instructions contained in each email, or you may visit our Commercial Bank Preference Center if you are an SVB Commercial Bank client or our SVB Private Preference Center if you are an SVB Private client.. Even if you opt out of marketing emails from us, we will continue to send you important administrative messages. If you consented to push notifications, you may opt out of receiving such push notifications from us through the settings of your device.

Depending on your jurisdiction and our relationship with you, you may have certain privacy rights that you can exercise. These rights include the right to request to access, correct, modify, update, restrict processing, revoke consent, or delete Personal Data, to request explanation of processing rules of Personal Data, to object to or opt out of the processing of Personal Data, to object to any decisions based solely on automated processing, including profiling, which produce legal effects or significantly affect you or to receive a copy of your Personal Data for purposes of transmitting it to another company. You may be able to request an explanation of personal data processing. To exercise these rights, you can contact us in accordance with the "Contact Us" section below or click here. We will respond to your request consistent with applicable law.

If you are a California resident, please see the CPRA Notice link in Section 1 or to exercise your privacy rights, you can click here.

You may make a privacy complaint with our designated jurisdictional representative, such as a Data Protection Officer (contact information below), or with a data protection authority for your country or region where you have your residence or place of work or where an alleged infringement of applicable data protection law has occurred. A list of EEA data protection authorities is available at https://edpb.europa.eu/about-edpb/board/members_en. Information regarding the UK data protection authority is available here: https://ico.org.uk/. In China, you can contact the Chinese Supervisory authorities, which includes the Cyberspace Administration of China (“CAC”), the Ministry of Industry and Information Technology, the Ministry of Public Security, the State Administration for Market Regulation, financial regulators, as well as their respective counterparts at local levels. China Personal Data related complaints and reports can be submitted through https://www.12377.cn/.

We would, however, appreciate the chance to address your concerns before you approach a data protection authority, so please contact us first.

We retain Personal Data for as long as needed or permitted to fulfill the purpose(s) for which it was obtained, including to satisfy any legal, compliance, accounting, or reporting requirements, and consistent with applicable law. We consider the following when determining our retention periods:

• The length of time we have an ongoing relationship with you and provide our products and services to you (for example, for as long as you have an account with us or continue to use our digital services);
• Whether there is a legal obligation to which we are subject (for example, to keep records of your transactions for a certain period of time, or a legal hold is in place);
• Whether retention is advisable in light of our legal position, such as in regard to applicable statutes of limitations, litigation, or regulatory investigations;
• Our records retention schedule tiers

In some circumstances we will anonymize your Personal Data (so that it can no longer be associated with you) for research, analytics, or statistical purposes, in which case we may use this information indefinitely.

This Privacy Notice does not address the privacy, data, or other practices of any third parties, including any third party operating a website or service to which our online services link. The inclusion of a link on our online services does not imply endorsement of the linked site or service by us or our affiliates.

Our services are not directed to individuals under the age of sixteen (16), and we do not knowingly collect Personal Data from, or direct any of our products or service to, individuals under age 16.

Your Personal Data may be stored and processed in any country where we have affiliates or in which we engage service providers. (For a list of those countries, please contact us.) You understand that your data will be transferred to countries outside of your country of residence which may have data protection rules that are different from those of your country. In certain circumstances, courts, law enforcement agencies, regulatory agencies, or security authorities in those other countries may be entitled to access your Personal Data.

ADDITIONAL INFORMATION REGARDING THE EEA and the UK: Some non-EEA countries are recognized by the European Commission as providing an adequate level of data protection according to EEA standards (the full list of these “specified” countries is available here. The UK recognizes the EEA and many of the specified countries as providing an adequate level of data protection according to UK standards. For transfers from the EEA or the UK to countries not considered adequate by the European Commissionor the UK government, as applicable, we have put in place applicable measures where necessary to protect your Personal Data. You may obtain a copy of these measures by clicking here.

The "LAST UPDATED" legend at the top of this Privacy Notice indicates when this Privacy Notice was last revised. Any changes will become effective when we post the revised Privacy Notice on our online services.

Silicon Valley Bank, a division of First-Citizens Bank & Trust Company, located at 3003 Tasman Drive, Santa Clara, CA 95054, is the entity responsible for SVB’s collection, use, processing and disclosure of Personal Data under this Privacy Notice.

If you have questions about this Privacy Notice, regardless of your jurisdiction, please contact us. Because email communications are not always secure, please do not include sensitive data in your emails to us. Options to contact us:

By phone:
+1 (800) 774-7390 (U.S.)

By postal mail:
Chief Privacy Officer
Silicon Valley Bank
3003 Tasman Drive
Santa Clara, CA 95054

By email to the SVB Data Protection Officer
PrivacyOffice@svb.com

If you have questions with respect to Personal Data of China residents under this Privacy Notice, please contact the following entities:

Name:
SVB Venture Capital Investment Management (Shanghai) Co., Ltd.
By postal mail:
Global Privacy Office
PrivacyOffice@svb.com

Name:
SVB Business Partners (Beijing) Co., Ltd.
By postal mail:
Global Privacy Office
PrivacyOffice@svb.com