Last updated: February 7, 2025
Finco Services, Inc., Finco Advance LLC, Finco Borrow LLC and their affiliates and agents (“Current,” “we,” “our,” “us”) are committed to your privacy. Our goal is to maintain your trust and confidence when handling your personal and financial information. This Privacy Policy (the “Policy”) describes Current’s privacy practices and applies to anyone who uses our mobile application or website (the “Services”), or otherwise interacts with us.
By continuing to use the Services or interact with Current, you agree to the terms and conditions of this Policy.
Table of Contents
1. How We Collect Information About You
2. What Information We Collect About You
3. How We Use Your Information
4. How We Share Your Information
5. Links to Third-Party Services and Features
6. Security of Your Information
7. Limiting the Use of Your Information
8. Children’s Privacy
9. Data Retention
10. Changes to Our Policy and Practices
11. Contact Information
CALIFORNIA NOTICE AT COLLECTION
Current collects information about you when you voluntarily provide it to us through the Services, including when you link your Current account with other financial institutions, service providers, websites, or apps, and through your communication with Current via email, phone, or chat. We also collect information from the devices you use when you use the Services.
2.1 Information You Provide
We collect the following categories of information about you, if you provide them when you use the Services or when you communicate with us, including:
Identification Information, such as your name, email address, phone number, Social Security Number, Internet Protocol (“IP”) address, full residential address, date of birth, photograph, and information related to your passport and driver’s license.
Financial Information, such as your bank account and payment card numbers
Transaction Information, such as when and where transactions occur, the names of the transacting parties, a description of the transactions, the payment or transfer amounts, and the devices and payment methods used to complete the transactions, when you use the Services to make, accept, or request payments
Other Information that you voluntarily provide to us, including any actions you perform on the Services and third party information to which you give us access.
2.2 Information We Collect From Your Use of the Services
We collect information about you and the devices you use to access the Services, such as your computer, mobile phone, or tablet. The information that we collect includes:
Device information: Information about your device, including your hardware model, operating system and version, device name, unique device identifier, mobile network information, and information about the device’s interaction with the Services.
Internet or other electronic network activity information: Information about how you use and interact with the Services, including your access time, browser type and language, country and language setting on your device, IP address, the domain name of your internet service provider, other attributes about your browser, mobile device and operating system, any specific page you visit on our platform, content you view, features you use, the date and time of your use of the Services, your search terms, and the website you visited before you visited or used the Services.
Geolocation Information: The location of your device, including your IP address, device language, and location of your network provider. This may include precise geolocation information.
Inferences drawn from any of the information we collect to create a profile about you that may reflect, for example, your preferences, characteristics, and behavior, including for account security purposes or to enhance the Services to you.
We use your information to provide, maintain, and improve the Services, and as otherwise disclosed to you, including to:
establish and manage Current accounts;
process and fulfill transactions;
determine your eligibility for, and administer your participation in the Services;
collect funds as authorized in connection with your Current account;
perform accounting, auditing and other internal functions;
provide member support and perform related quality assurance, testing and training;
use machine learning, AI, and risk modeling;
research and develop new products and services;
communicate with you about opportunities, products, services, contests, promotions, discounts, incentives, surveys, and rewards offered by us and select partners;
maintain and enhance the safety and security of the Services and prevent misuse, including to:
verify your identity;
make sure you adhere to applicable agreements or policies;
investigate, detect, prevent, recover from, or report fraud, misrepresentations, security breaches or incidents, other potentially prohibited, malicious, or illegal activities, or to otherwise help protect your account, including to initiate chargebacks on your behalf;
protect your, our, or our other customers’ rights and property;
identify and fix errors that impair how the Services function;
comply with applicable laws, regulations, legal requirements, industry standards, and Current policies;
respond to lawful requests for information from the government or to valid legal process;
exercise our rights and remedies and defend against legal claims.
Aggregate Data
We may anonymize and aggregate data collected through the Services so that it does not allow a third party to easily identify a specific individual. We may use such data for any purpose.
We may share your information with the following categories of third parties:
financial institutions, payment networks, payment card associations, credit bureaus, carrying brokers, and other entities;
merchants, such as when you initiate a purchase;
vendors, such as those who help us with customer service, dispute processing, fraud prevention, identity verification, and data management and analysis;
advertising partners who help us run our advertising campaigns, analyze our site, and track metrics on our behalf or in connection with the Services;
companies affiliated with Current;
others with your consent
In addition, if we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of company assets, transition of service to another provider, or other corporate change, your information may be sold or transferred as part of, or in preparation for, such a transaction as permitted by law and/or contract. We cannot control how such entities may use or disclose such information.
We may also share your information if we believe that disclosure is reasonably necessary (i) to comply with any applicable law, regulation, legal process or governmental request (e.g., from creditors, tax authorities, law enforcement agencies, in response to a garnishment, levy, or lien notice, etc.); (ii) to establish, exercise or defend our legal rights; (iii) to enforce or comply with our terms or other applicable agreements or policies; (iv) to protect our or our customers’ rights or property, or the security or integrity of the Services; (v) for an investigation of suspected or actual illegal activity; or (vi) to protect us, users of the Services or the public from harm, fraud, or potentially prohibited or illegal activities.
We do not rent, sell, or share your information with other people or non-affiliated companies for their marketing purposes, unless we have your permission.
The Services may provide links to other online services, and may include third-party features such as apps, tools, widgets and plug-ins. These online services and third-party features may operate independently from us. The privacy practices of the relevant third parties, including details on the information they may collect about you, are subject to the privacy disclosures of these parties, which we advise you to review. We are not responsible for the privacy practices of any linked online services or third-party features that are not owned or controlled by Current.
If you are a Current member and elect to use the Plaid Technologies, Inc. (“Plaid”) feature in the Services, Plaid may collect your information from financial institutions. By using the Plaid service, you acknowledge and agree that Plaid will collect and use your personal information in accordance with Plaid’s privacy policy, which is available here. Additionally, by using the Plaid services, you acknowledge and agree that Current may use your personal information obtained from Plaid in accordance with any legally permissible purpose described under this Policy.
We take reasonable measures, including administrative, technical, and physical safeguards, to protect your information from loss, theft, and misuse, unauthorized access, disclosure, alteration, and destruction. Nevertheless, the internet is not a 100% secure environment, and we cannot guarantee absolute security of the transmission or storage of your information. We do not accept liability for unintentional disclosure.
To help us protect your personal data, we request that you use a strong password to protect your phone and accounts such as your email account and bank accounts, and never share your password with anyone or use the same password with other sites or accounts.
If you suspect a website or app is pretending to be Current (also known as “spoofing”), do not enter your information. Instead, contact us using the information provided below.
7.1 Marketing Communications
We may provide you with information and offers we think may be of interest to you regarding the Services or third-party products and services. We will send any promotional text messages only with your consent. You may choose to not receive promotional communications from us by following the “unsubscribe” hyperlink at the bottom of promotional emails, by replying “STOP” to promotional texts, or by turning off push notifications on your device. We may still send you non-promotional communications, such as messages about your account.
iOS and Android operating systems provide options to reset advertising IDs. You may change your preferences on your device.
If you live in a state that offers sale, share, or targeted advertising opt-outs, you can make that change by submitting a request using the contact information below.
You may also visit DAA (www.aboutads.info/choices), NAI (http://www.networkadvertising.org/choices/) and TrustArc (http://preferences-mgr.truste.com/) to learn more about advertising opt-out controls
7.2 Device and Location Information
On your mobile device, you can manage how you share certain device data by changing the privacy and security settings.
You may stop our collection of location information at any time by changing the preferences on your mobile device. If you do so, some features of our app will no longer function. You also may stop our collection of location information following the standard uninstall process to remove the Current mobile app from your device.
7.3 Cookies and Analytics
Current may use cookies and other online tracking devices such as pixel tags and clear GIFs (also known as web beacons) to collect online and mobile device activity data from you depending on your browser settings. Cookies are small text files that a website’s server places on your computer in order to track browsing activities conducted with your computer. A web beacon is a small string of software code that represents a graphic image on a website or email.
You may go to your browser settings to learn how to delete or reject cookies. If you choose to delete or reject cookies, this could affect certain Services. In addition, settings and preferences controlled by those cookies, including advertising preferences, may be deleted and may need to be recreated. You can learn more about cookies and how to manage your preferences by visiting http://www.allaboutcookies.org. In addition, most email clients have settings that allow you to prevent the automatic downloading of images, including web beacons, which prevents the automatic connection to the web servers that host those images.
Some browsers have incorporated “Do Not Track” (DNT) features that can send a signal to the websites you visit indicating you do not wish to be tracked. Because there is not a common understanding of how to interpret the DNT signal, our websites do not currently respond to browser DNT signals.
Current also uses Google Analytics to gather statistics on site usage. You acknowledge and accept that Current has no control over Google’s data collection. We strongly advise you to review Google’s privacy policy for details of their data collection practices located at www.google.com/policies/privacy/partners/. To opt out from Google Analytics, you may go to https://tools.google.com/dlpage/gaoptout
The Services are not directed to children under the age of 13, we do not knowingly solicit or collect personal information from children under the age of 13, and it is not permitted to provide such information to us. See our account agreements for additional age restrictions for the use of the Services. If you believe we may have been provided with personal information regarding a child under age 13, please contact us.
We will retain your account and associated information as necessary to provide you with the Services. In addition, even after you close your account, we can retain copies of information about you and any transactions or Services in which you may have participated for a period of time that is consistent with certain criteria, such as applicable law, applicable statute of limitations, or as we believe is reasonably necessary to comply with applicable laws, regulations, legal processes, or governmental requests, to detect or prevent fraud, to collect fees owed, to resolve disputes, to address problems with the Services, to assist with investigations, to enforce our Terms of Service or other applicable agreements or policies, or to take any other actions consistent with applicable law.
We may amend this Policy from time to time by posting a revised version and updating the Effective Date above. The revised version will be effective on the Effective Date listed. We will provide you with reasonable prior notice of material changes in how we use your information, which may include notification in our app or website, or by email. If you disagree with these changes, you may close your account at any time. If you keep using the Services, you consent to any amendment of this Policy.
If you have any questions or concerns about this Policy or the use of your information, or to modify or update any information we have received, please contact support@current.com or
Finco Services, Inc. d/b/a Current
217 Centre Street #180
New York, NY 10013
We may collect (and may have collected during the 12-month period prior to the effective date of this California Notice at Collection (“California Notice”) the following categories of personal information about you:
Identifiers. Identifiers such as a real name, postal address, unique personal identifiers (such as a device identifier; cookies, beacons, pixel tags, mobile ad identifiers and similar technology; customer number, unique pseudonym, or user alias; telephone number and other forms of persistent or probabilistic identifiers), online identifier, internet protocol address, email address, account name, Social Security number, driver’s license number, passport number, and other similar identifiers;
Additional Data Subject to Cal. Civ. Code § 1798.80. Signature, physical characteristics or description, state identification card number, education, bank account number, credit card number, debit card number, and other financial information;
Commercial Information. Commercial information, including records of personal property, products or services purchased, obtained, or considered, and other purchasing or consumer histories or tendencies;
Online Activity. Internet and other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding your interaction with websites, applications or advertisements;
Sensory Information. Audio, electronic, visual, and similar information;
Employment Information. Professional or employment-related information;
Inferences. Inferences drawn from any of the information identified above to create a profile about you reflecting your preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes;
Sensitive Personal Information
Government ID. Government identification such as social security numbers, driver’s license, state identification card, or passport number;
Account access information. Information such as account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account;
Precise geolocation data. Data derived from a device and that is used or intended to be used to locate you within a geographic area that is equal to or less than the area of a circle with a radius of 1,850 feet;
Sensitive demographic data. Characteristics of protected classifications under California or federal law, such as citizenship status, and military and veteran status;
Biometric information. For the purpose of uniquely identifying an individual.
Notice of Use of Personal Information
We may use (and may have used during the 12-month period prior to the effective date of this California Notice) your personal information for the purposes described in the Policy and for the following business purposes specified in the CCPA:
Performing Services, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing advertising or marketing services, providing analytics services, or providing similar services;
Auditing related to a current interaction with you and concurrent transactions, including, but not limited to, counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance;
Short-term, transient use, including, but not limited to, the contextual customization of ads shown as part of the same interaction;
Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity;
Debugging to identify and repair errors that impair existing intended functionality;
Undertaking internal research for technological development and demonstration;
Undertaking activities to verify or maintain the quality or safety of a service or device that is owned, manufactured, manufactured for, or controlled by us, and to improve, upgrade, or enhance the service or device that is owned, manufactured, manufactured for, or controlled by us.
Sources of Personal Information
During the 12-month period prior to the effective date of this California Notice, we may have obtained personal information about you from the following categories of sources:
Directly from you, such as when you sign up for an account or contact member services, or participate in, sweepstakes, promotions, or research or survey activities;
Our Bank Partners;
Your devices, when you use our Site or App;
Payment processors;
External banks (i.e., banks other than our Bank Partners) if you link a non-Current bank account;
Our affiliates;
Vendors who provide services on our behalf;
Our joint marketing partners;
Our business partners (such as referring websites);
Online advertising services and advertising networks;
Data analytics providers;
Government entities;
Operating systems and platforms;
Social networks;
Data brokers;
Data aggregators, such as Plaid.
Categories of third parties with whom personal information was shared
During the 12-month period prior to the effective date of this California Notice, we may have shared certain categories of your personal information with certain categories of third parties, as described below.
When we share personal information with Choice Financial Group and/or Cross River Bank , we do so as their service provider. The privacy practices of our Bank Partners are subject to their linked privacy policies, which we strongly suggest you review. Current is not responsible for our Bank Partners’ privacy practices or policies.
| Category of Personal Information | Category of Third Party |
|---|---|
| Identifiers | Our Bank Partners, other Current users, our marketing partners, and your employer |
| Additional Data Subject to Cal. Civ. Code § 1798.80 Law | Our Bank Partners, our marketing partners |
| Protected Classifications | Our Bank Partners |
| Commercial Information | Our Bank Partners and our marketing partners |
| Biometric Information | Our Bank Partners and identity verification partners |
| Online Activity | Our Bank Partners and our marketing partners |
| Geolocation data | Our Bank Partners |
| Sensory Information | Our Bank Partners |
| Employment Information | Our Bank Partners, our marketing partners |
In addition to the categories of third parties identified above, during the 12-month period prior to the effective date of these California Disclosures, we may have shared personal information about you with the following additional categories of third parties: government entities; other persons to whom we have a legal obligation to disclose personal information (including, for example, in response to a duly issued subpoena or search warrant); and other persons to whom you authorize Current to disclose your personal information.
California Privacy Rights
If you are a California resident, the CCPA gives you certain rights regarding your personal information. Please note, however, that CCPA rights do not apply to personally identifiable financial information collected by financial institutions (like Current and its bank partners) for the purpose of providing financial services, as that information is subject to other financial privacy laws, specifically the Gramm-Leach-Bliley Act (GLBA). Therefore, it does not apply to most of the information that Current collects. CCPA rights and other state-specific information is described below:
Access. You have a right to request that we disclose to you, twice in a 12-month period, the personal information we have collected about you. You also have a right to request additional information about our collection, use, disclosure, or sale of such personal information, which is also provided in this California Notice.
Correction. You have the right to request that we correct inaccurate personal information under certain circumstances, subject to a number of exceptions.
Deletion. You have the right to request that we delete your personal information under certain circumstances, subject to a number of exceptions.
Opt-Out of the Selling or Sharing of your Data. You have the right to opt out of the selling or sharing of your data. The CCPA requires us to describe the categories of personal information we sell or share to third parties and how to opt-out of future sales. It is important to know that the definition of “sale” and “share” is very broad and the common flow of information for advertising and analytics may be considered a sale or sharing. Current does not provide information that you might typically think of as personal information to third parties in exchange for money; however, under the CCPA, personal information includes unique identifiers, including things like IP addresses, cookie IDs, pixel tags, and mobile ad IDs. The law defines a “sale” broadly to include simply making such personal information available to third parties in some cases. “Share” is defined as providing personal information to a third party to target advertising to a consumer based on information about their activity on multiple websites across the internet. In the last 12 months, when you access our online Services, we may let advertising and analytics providers collect IP addresses, cookie IDs, advertising IDs, and other unique identifiers, which may be collected along with device and usage data, and information about your interactions with our online Services and advertisements. Learn more about how to opt-out in Section 7 above.
Shine the Light Request. You have the right to request that we provide you with (a) a list of certain categories of personal information we have disclosed to third parties for their direct marketing purposes during the immediately preceding calendar year and (b) the identity of those third parties.
Joint Marketing with other Financial Institutions. You have the right to opt-out of joint marketing with other financial institutions.
Appeal. You have the right to appeal our decision to refuse to act on a CCPA data privacy request within a reasonable period after you receive our decision. To appeal our decision, forward your denial email to privacy@Current.com with “Privacy Appeal” in the subject line. Within 45 days, we will provide you with a written explanation of the justification for declining to act on your request.
Non-Discrimination. You have the right to not be discriminated against for exercising any of your privacy rights.
To help protect your privacy and maintain security, we will take steps to verify your identity before granting you access to your personal information or complying with your request (except for a request to opt-out of sales or sharing). We may require you to provide any of the following information: your name, date of birth, the last four digits of your Social Security number, the email and physical addresses associated with your Current account, one or more recent transactions, and the last four digits of one or more Current-branded cards associated with your account. If you ask us to provide you with specific pieces of personal information, we may require you to sign a declaration under penalty of perjury that you are the consumer whose personal information is the subject of the request. Further, we may decline a request where we are unable to authenticate you as the person to whom the data relates, the request is unreasonable or excessive, or where otherwise permitted by applicable law.
If you send us a request to exercise your rights or the choices in this section, to the extent permitted by applicable law, we may charge a fee or decline requests in certain cases. For example, we may decline requests where granting the request would be prohibited by law, could adversely affect the privacy or rights of another person, would reveal a trade secret or other confidential information, would interfere with a legal or business obligation that requires retention or use of the data, or because the data at issue is not covered under the law you are asserting.
Retention
We retain personal data for as long as necessary to provide the Services and fulfill the transactions you have requested, comply with our legal obligations, resolve disputes, enforce our agreements, and other legitimate and lawful business purposes. Because these needs can vary for different data types in the context of different Services, actual retention periods can vary significantly based on criteria such as user expectations or consent, the sensitivity of the data, the availability of automated controls that enable users to delete data, and our legal or contractual obligations.
If you have any questions or concerns about this Notice or the use of your information, or to modify or update any information we have received, please contact support@current.com or
Finco Services, Inc. d/b/a Current
217 Centre Street #180
New York, NY 10013