CCPA FAQs
General information
What does CCPA require JPMorgan Chase to do?
The California Consumer Privacy Act (CCPA) of 2018 (including as amended by CPRA) requires JPMorgan Chase to create a way for eligible California residents to exercise their rights under the law, and to fulfill those consumer privacy rights regarding their personal info. These rights include:
- Right to notice: the right to be informed about collection, disclosure, and sale of their personal info, including: the personal info collected; the categories of personal info disclosed or sold; the categories of sources of personal info and categories of third parties to whom that info is sold or disclosed; the purpose of collecting or selling personal info; and a description of the consumer’s rights.
- Right to access: the right to request the specific pieces of personal info JPMorgan Chase has collected about them; the categories of personal info we collected; the sources used to collect the personal info; the business or commercial purposes for collecting that info; and the categories of third parties with whom we share their personal info.
- Right to data portability: the right to obtain copies of their personal information in a readily usable format that'll allow them to transmit the information from one entity to another.
- Right to delete: the right to request that JPMorgan Chase delete the personal info that we collected from them.
- Right to correct: the right, in certain circumstances, to correct inaccurate personal information we collected about you; and
- Right to Equal Service and Price: the right not to be discriminated against for exercising any of these rights.
Please review the California Consumer Privacy Act (CCPA) Disclosure for additional details.
Am I covered by CCPA?
You're covered by CCPA if you're a California resident and aren't excluded based on your existing relationship with us.
I’m a current or former JPMorgan Chase customer. Can I exercise rights under the CCPA?
Customers include individuals with current retail relationships with us as well as those who applied for, but were denied or otherwise didn't get, financial products or services offered by JPMorgan Chase. Personal info collected, processed, or disclosed in connection with our retail customer relationships is exempt from the CCPA. JPMorgan Chase isn't processing requests from current or former customers. Additionally, your personal information is regulated by other state and federal laws. If you're a current customer, you can access much of the personal information we have about you by signing into your account online.
Can I still send a request if I’m not a customer?
If you're a California resident you can send us a CCPA request. The CCPA doesn't require you to be a JPMorgan Chase customer to make a request.
I'm not in California but I do have a residence there. Can I still request what personal information you have about me?
Yes, you can send in a request if you use your California address when completing your CCPA request. Keep in mind that if this isn't an address you regularly use, it may be harder for us to verify your identity or match personal info we have about you with your request.
Submitting your CCPA request
How do I send in a CCPA request?
Go to chase.com/ccparequest or jpmorgan.com/ccparequest to send in a CCPA request online, or call us at 1-800-573-7138. You can call the CCPA privacy call center toll free number 1-800-573-7138 between 7 AM – 1 AM ET.
What information is needed from me to send a CCPA request?
We need to verify your identity to protect your personal information, as well as that of others. When we verify who you are, we're ensuring that the person making the request is authorized to do so. You'll need to tell us your name, address, phone number, email, date of birth and the last 4 digits of your Social Security number.
If this request is regarding a business relationship, additional information may be needed to complete your request. Please see the section in this FAQ on Submitting a Follow-Up Request.
What happens after I send in a CCPA request?
Once we have your completed request, you'll be given a reference number as confirmation that your request was received. We'll send you a response within 45 days.
Can I send a request on behalf of someone else (spouse, mother, father, etc.)?
You can if the person you are requesting on behalf of completes and signs the CCPA Authorization form. A link to this document is included on the website within the CCPA request process, or you can download it by choosing the link below. Please make sure that the name you use when completing the authorization form exactly matches the name you use on the CCPA request that you send in.
Download CCPA Authorization Form (PDF)
Will I receive confirmation that I’ve submitted a CCPA request?
Yes, you’ll receive a confirmation with a CCPA reference number once you send in your request. If you sent your CCPA request online, you’ll see your reference number once you choose “Send request.” If you sent your CCPA request over the phone, we’ll give you your reference number at the end of your call. Your reference number will also be included with your CCPA response.
What personal info of mine will you keep as a result of my CCPA request?
We'll maintain your name, address, email and phone number for 13 months as evidence that we received your request and acted on it.
Receiving your CCPA response
How long does it take to receive my CCPA response?
You can expect to hear from us within 45 days after you submitted your initial request. We hope it’s rare, but in some instances the first response you get from us may be a notification that your response is delayed for up to an additional 45 days.
How do I receive my CCPA Response?
You'll get your CCPA response either electronically or by U.S. mail, whichever you chose when you sent in your request.
If you choose digital delivery and you don't have an existing digital profile with JPMorgan Chase, you'll need to create a CCPA privacy profile. The CCPA privacy profile is a secure option available to users who don't bank with JPMorgan Chase, but who still want to receive their CCPA response electronically. With a CCPA privacy profile, you can easily send in future or follow-up requests and receive your responses by a secure and trusted method. Creating a profile won't create an account with us. After requesting a CCPA privacy profile, you'll receive instructions on how to create your username and password. These instructions will expire after 60 days. Please complete your CCPA privacy profile as soon as you receive your instructions.
I selected electronic delivery. How do I access my CCPA Response?
To access your response digitally, do the following:
- Click the links directly in your CCPA response notification e-mail or visit chase.com/ccparequest or jpmorgan.com/ccparequest. and choose “Manage My Request”
- You'll be asked to verify yourself. Please choose the sign-in method that applies to you: “I have an online profile with JPMorgan Chase” or “I created a privacy profile”
- Once you’ve signed in, choose “See the response to my CCPA request.” This will take you to your CCPA response. You'll have the ability to download your response documents and save to your personal device.
I didn’t get what I expected in my CCPA response. Can I make another request (Follow-Up Request)?
If you received your response to a request and you don't believe that it's complete, you can send a follow-up request online at chase.com/ccparequest or jpmorgan.com/ccparequest. You should include in that follow-up request the reasons why you believe the response was incomplete. Keep in mind that we only retain consumer info for a certain period of time, so we may no longer have your information at the time you request it.
If your original request relates to a business relationship, please provide the business name, address, email, and names of products or primary contacts at JPMorgan Chase, in your Follow-Up Request.
Why was my CCPA request declined?
Our response to your request should tell you why your request was denied.
There are several reasons why your request could have been declined, including the following:
- If you aren't a California resident, you aren't covered by CCPA.
- If you're an existing JPMorgan Chase customer, you already have access to your personal info. You can sign in to your online profile and get information that way. You also get annual privacy notices with details about the personal info we collect.
- If we previously collected data but we no longer have your information at the time of your request.
If you disagree with the denial reason stated in your response, you can send a follow-up request online at chase.com/ccparequest or jpmorgan.com/ccparequest and explain why you disagree. Keep in mind that we only retain consumer info for a certain period of time, so we may no longer have your information at the time you request it.
I don't understand the response to my CCPA request. How can I ask questions?
You can send in a follow-up request to clarify questions from your original request. Please review this complete list of FAQs to see if they can answer any of your questions.
I sent in a request to access my info, now I'd like to request to delete it. How do I do that?
You can send in another request and ask that your info be deleted.
I’d like to delete my personal information. Will I receive a copy of the personal information that'll be deleted?
If you’d like to know what personal info may be deleted as a result of your CCPA deletion request, you must first submit an access request to obtain a copy of personal information we have collected and maintain about you.
I’d like to modify my personal information.
Follow the instructions on chase.com/ccparequest for requesting to modify your personal information. Please provide as much information as you can in the text regarding the information you are requesting to modify.
Please note, if you are a JPMorgan Chase customer, the best way to modify your personal information is on our web or mobile apps, contacting the number on the back of your card or statement or reaching out to your banker.
If you are not a JPMorgan Chase customer and are not covered by any other exemption, we may delete your personal information, rather than correcting it.
My CCPA response stated that you were unable to verify my identity. What does that mean?
We may not have been able to verify your identity for several reasons: The info you provided for verification didn't match what we have on file, or we didn't have enough info on you in our files to make a match.
Protecting your data
How does JPMorgan Chase keep my information safe?
We use reasonable physical, electronic, and procedural safeguards that comply with federal standards to protect and limit access to your personal information. This includes device safeguards and secured files and buildings. For more details about how we protect your personal information go to:
chase.com/privacy
jpmorgan.com/privacy
Please note that information you send to us electronically may not be secure when it's transmitted to us. We recommend that you don't use unsecure channels to communicate sensitive or confidential info (such as your Social Security number) to us.
Where are your privacy policies?
Your privacy is important to us and we take our responsibility to protect the privacy and confidentiality of your information, including personal information, very seriously. To learn more about our privacy practices please go to:
chase.com/privacy
jpmorgan.com/privacy
We follow a clear set of guidelines each time we talk with you about your accounts or share your information with others. Our online privacy policies explain how we collect, share, use, and protect information when you go to or use our online services. Other privacy principles or policies could apply depending on how you interact with us, the financial products or services you have with us, or the jurisdiction in which we are doing business with you.
To access CCPA related FAQs please go to chase.com/ccpafaqs or jpmorgan.com/ccpafaqs.
What does JPMorgan Chase do with my personal info?
We use your personal info to verify your identity, and to respond to a request you've made. We also may use it to offer our products and services to you. If we collect your personal info through our website or mobile services, we may use that info to perform analytics concerning your use of our online services, or to provide you with tailored content and marketing messages. We may also need to use your personal info to comply with our legal requirements, industry standards, or contractual obligations. You can find a full description of our privacy policy at chase.com/privacy or jpmorgan.com/privacy.
Please update your browser.