Effective Date: December 15, 2021
Dave collects personal information about you for a variety of purposes. During the past 12 months, we have collected the following categories of personal information from individuals:
During the past 12 months, we have also disclosed the categories of personal information listed above for our business purposes. We have not, however, sold personal information to third parties.
We may also collect information about you from mailing list providers, publicly available sources, identification verification services and other third parties.
When you use certain Services, we may collect from you usernames, passwords, account numbers, and other account information for third-party websites and Internet banking services (“Third-Party Sites”). We also collect account information from you when you open a Dave Banking Account and obtain a Dave Card through our mobile application. This information is used to obtain your account, transaction, and other banking information from the relevant financial institution on your behalf in order to display the information to you or to fulfill your requests for certain products, services, or transactions through a Service. We use third-party service providers, such as Plaid Inc. (“Plaid”) and Galileo Financial Technologies, Inc. (“Galileo”), to obtain this information.
If you are a Dave Rewards Member, notwithstanding anything to the contrary in the Terms or Policy, Dave and Figg Inc. (“Figg”) will use transaction information solely as follows:
We use various technologies to collect information, and this may include sending cookies to your computer or mobile device. Cookies are small data files that are stored on your hard drive or in device memory by a website. Among other things, cookies support the integrity of our registration process, retain your preferences and account settings, and help evaluate and compile aggregated statistics about user activity. We may also collect information using web beacons. Web beacons are electronic images that may be used in our Services or emails. We may use web beacons to deliver cookies, count visits, understand usage, and determine whether an email has been opened and acted upon.
We may collect your computer browser type, Internet protocol address, pages visited, and average time spent on our Site. This information may be used, for example, to alert you to software compatibility issues, or it may be analyzed to improve our web design and functionality.
When you use our mobile applications or the mobile versions of our Site, we may collect the following device information:
The data above allow app developers, and others to uniquely identify your device for purposes of storing application preferences and for your security.
We may use the information you provide about yourself and about your Dave Banking Account, Dave Card, or Third-Party Sites to fulfill your requests for our products, programs, and Services, to respond to your inquiries about our Services, and to offer you other products, programs, or services that we believe may be of interest to you.
We may use your information to complete transactions you request, to verify the existence and condition of your accounts, or to assist with a transaction. For example, we may use the account information you provide or that we collect from Third-Party Sites to confirm your accounts are valid and to access funds from your accounts in connection with fulfillment of the Services.
We may use your information to improve and personalize the Services. For example, we may use your information to pre-fill form fields on the Sites for your convenience.
We may share personal information about you as follows:
We take your privacy and the security of your information very seriously, and have an information security program that includes administrative, technical, and physical measures to protect your information. We hold ourselves responsible for the security of cardholder data we possess or otherwise store, process, or transmit on your behalf, or to the extent that we could impact the security of your cardholder data environment. Dave will maintain all applicable PCI DSS requirements to the extent we handle, have access to, or otherwise store, process, or transmit the customer's cardholder data or sensitive authentication data, or manage the customer's cardholder data environment on behalf of a customer. Examples of measures we have taken to protect your information include, but are not limited to:
We may provide you with information and summaries of your accounts and Services through email, SMS and mobile notifications. We may also allow you to subscribe to email newsletters and from time to time may transmit emails to you promoting Dave or third-party goods or services.
Subscribers have the ability to opt out of receiving our promotional emails and to terminate their newsletter subscriptions by following the instructions in the emails. Opting out in this manner will not end transmission of service-related emails, such as information and summaries of your accounts and Services.
If you wish to access personal information that you have submitted to us or to request the correction of any inaccurate information you have submitted to us, you may correct certain information through our Site. Alternatively, you can send an email that includes your contact information to Davecares@dave.com to request any corrections to your personal information.
You may also email us if you wish to deactivate your Services, but even after you deactivate your Services, we may retain archived copies of information about you for a period of time that is consistent with applicable law.
The California Consumer Privacy Act (“CCPA”) allows California residents, upon a verifiable consumer request and subject to applicable exemptions, to request that we give you access, in a portable and (if technically feasible) readily usable form, to the specific pieces and categories of personal information that we have collected about you, the categories of sources for that information, the business or commercial purposes for collecting the information, and the categories of third parties with which the information was shared. California residents also have the right to submit a request for deletion of information under certain circumstances. Dave will not discriminate against you for exercising your rights, such as by denying you services, charging you different prices for services, or providing you a different level or quality of services. Please note that you must verify your identity and request before further action will be taken. As part of this process, we may require you to provide government identification. Consistent with California law, you may designate an authorized agent to make a request on your behalf. In order to designate an authorized agent to make a request on your behalf, you must provide a valid power of attorney, the requester’s valid government issued identification, and the authorized agent’s valid government issued identification.
We do not sell your personal information to third parties. We do, however, share personal information with third parties for the business purposes described in this Policy.
California law also permits our customers who are California residents to request and obtain from us once a year, free of charge, information about the personal information (if any) we disclosed to third parties for direct marketing purposes in the preceding calendar year.
If you are a California resident and would like to exercise your data protection rights, where applicable, you can submit a request using our online form (available here) or contact us through Dave’s Mobile App or Davecares@dave.com.
We will consider all requests and provide our response within a reasonable period of time (and within any time period required by applicable law). Please note, however, that certain information may be exempt from such requests, for example if we need to keep the information to comply with our own legal obligations or to establish, exercise, or defend legal claims.
Here is a summary of the CCPA-related categories of Personal Information we may have collected about you over the past 12 months as well as how we use it and with whom we may have shared it.
|Categories of Personal Information we collect:||How we use Personal Information:||Parties with whom your information may be shared:|
If you have questions or concerns regarding this Policy, or if you have any questions or suggestions, please contact Davecares@dave.com.
WHAT DOES Dave, Inc. (“Dave”) DO WITH YOUR PERSONAL INFORMATION?
Financial companies choose how they share your personal information. Federal law gives consumers the right to limit some but not all sharing. Federal law also requires us to tell you how we collect, share, and protect your personal information. Please read this notice carefully to understand what we do.
The types of personal information we collect and share depend on the product or service you have with us. This information can include:
All financial companies need to share customers’ personal information to run their everyday business. In the section below, we list the reasons financial companies can share their customers’ personal information; the reason Dave chooses to share; and whether you can limit this sharing.
Reasons we can share your personal information
Does Dave share?
Can you limit this sharing?
For our everyday business purposes – such as to process your transactions, maintain your account(s), respond to court orders and legal investigations
For our marketing purposes– to offer our products and services to you
For joint marketing with other financial companies
For our affiliates' everyday business purposes –information about your transactions and experiences
For our affiliates to market to you
For nonaffiliates to market to you
To limit our sharing
Email us at Davecares@dave.com
If you are a new customer, we can begin sharing your information 30 days from the date you sent this notice. When you are no longer our customer, we continue to share your information as described in this notice.
However, you can contact us at any time to limit our sharing.
Email us at Davecares@dave.com
Who we are
Who is providing this notice?
What we do
How does Dave protect my personal information?
To protect your personal information from unauthorized access and use, we use security measures that comply with industry standards. These measures include computer safeguards and secured files and buildings.
How does Dave collect my personal information?
We collect your personal information, for example, when you
Why can't I limit all sharing?
Federal law gives you the right to limit sharing only for:
State laws and individual companies may give you additional rights to limit sharing. See below for more on your rights under state law.
What happens when I limit sharing for an account I hold jointly with someone else?
Your choices will apply to everyone on your account.
Companies related by common ownership or control. They can be financial and nonfinancial companies.
Companies not related by common ownership or control. They can be financial and nonfinancial companies.
A formal agreement between nonaffiliated financial companies that together market financial products or services to you.
Other important information
FOR VERMONT RESIDENTS: We will not share information we collect about you with nonaffiliated third parties, except as permitted by Vermont law, such as to process your transactions or to maintain your account.
FOR CALIFORNIA RESIDENTS: We will not share information we collect about you with nonaffiliated third parties, except as permitted by California law, such as to process your transactions or to maintain your account. We will limit sharing among our companies to the extent required by California law.
FOR NEVADA RESIDENTS: We are providing this notice to you pursuant to Nevada law. If you prefer not to receive marketing calls from us, you may be placed on our internal Do Not Call List by writing to us at Dave, Inc 1265 S Cochran Ave, Los Angeles, CA 90019. Nevada law requires that we also provide you with the following contact information: Bureau of Consumer Protections, Office of the Nevada Attorney General, 555 E. Washington Street, Suite 3900, Las Vegas, NV 89101, phone number (702) 486-3132, email BCPINFO@ag.state.nv.us.
State laws may also provide you with specific privacy protections. We will comply with applicable state laws with respect to our use of your information.