Privacy & Security / Privacy & Security Policy

Date Last Revised: April 3, 2008

At Mint, our most important asset is our relationship with you.

Mint is committed to maintaining the confidentiality, integrity and security of any personal information about our users. We are proud of our privacy practices and the strength of our site security and want you to know how we protect your information and use it to provide to you the service on Mint.com (the “Service”).

Mint stresses its privacy and security standards to guard against identity theft and provide security for your account information and other data. We constantly re-evaluate our privacy and security policies and adapt them as necessary to deal with new challenges.

TrustE

Mint Software, Inc. is a licensee of the TRUSTe Web Privacy Seal Program. TRUSTe is an independent, non-profit organization whose mission is to build user’s trust and confidence in the Internet by promoting the use of fair information practices. This privacy statement covers the Web site www.mint.com. Because this Web site wants to demonstrate its commitment to your privacy, it has agreed to disclose its information practices and have its privacy practices reviewed for compliance by TRUSTe.

If you do not receive acknowledgement of your inquiry or your inquiry has not been satisfactorily addressed, you should contact TRUSTe at http://www.truste.org/consumers/watchdog_complaint.php TRUSTe will then serve as a liaison with us to resolve your concerns.

  1. Your Privacy is not for sale
  2. We limit the collection and use of personal information
  3. Your Registration Information is kept private
  4. Changes to your Registration Information
  5. Account Information From Third Parties is only seen by you
  6. Account Information will not be disclosed
  7. Online session information and use is only used to improve your experience
  8. External service providers will not be given your personal information without your permission
  9. Use of Blogs and other Forums on Mint.com
  10. Contests, Giveaways and Surveys
  11. Disclosure of your information to protect our rights or if required by law
  12. Your data may be transferred upon acquisition of Mint but only in accordance with this policy
  13. You can transport or delete your data
  14. Cookies and Web Beacons are used to analyze site usage and improve the Service
  15. We comply with Can-Spam regulations for our newsletters
  16. Your data is secure and only seen by you
  17. Our service ensures secure communications with encryption
  18. We use authentication to ensure that only you access your account
  19. We will notify you of any changes to this Privacy & Security Policy
  20. Former customers
  21. Contact us if you have any questions or concerns

Back to Top1. Your Privacy is not for sale

Simply put, we do not and will not sell or rent your personal information to anyone, for any reason, at any time.

Back to Top2. We limit the collection and use of personal information

Certain areas and features of Mint.com are available to you without registration or the need to provide to us any information. However, in order to benefit from the full functionality of the Service, you need to register as a member and in so doing, to provide a Login ID in the form of an email address, a password and your zip code (collectively the “Registration Information”). Mint makes every effort to allow you to retain the anonymity of your personal identity and you are free to choose a Login ID email address and password that keeps your personal identity anonymous.

Access to your Registration Information and your personal financial data is strictly restricted to Mint employees and contractors, as needed, in order to operate, develop or improve the Service. These individuals have been subject to prior background checks and are bound by confidentiality obligations. They may be subject to discipline, including termination and criminal prosecution, if they fail to meet these obligations.

Personally identifiable information generally includes information that could be used to determine your identity, such as your name, address, phone number, e-mail address (if it contains some part of your name) gender, birth date, occupation, personal interests and other demographic information. With the exception of a Login ID in the form of an email address, which may be provided on an anonymous basis, and your Third Party Account Information, which is entered only one time by you to secure an automatic download of your account’s money transactions data, Mint does not require any information from you that might constitute personally identifiable information.

Mint requires a Login ID email address from you in the following circumstances:

  • Registration for the Service;
  • Registration for any Mint Newsletter;
  • The use of any Forums on Mint.com; and
  • To respond to any correspondence, such as emails or letters, from you.

If you elect to receive mobile SMS text message alerts from the Service, you will need to provide Mint with your mobile number in order for us to send these messages to your mobile phone.

Back to Top3. Your Registration Information is kept private

Mint does not sell or rent your Registration Information at any time.

Mint uses your Registration Information only as follows:

  • to analyze site usage and improve the Service;
  • to deliver to you any administrative notices, money alerts and communications relevant to your use of the Service;
  • to fulfill your requests for certain products and services;
  • for market research, project planning, troubleshooting problems, detecting and protecting against error, fraud or other criminal activity;
  • to enforce Mint’s Terms of Use; and
  • as otherwise set forth in this Privacy and Security Policy.

In the event that you access the Service as brought to you by one of our co-brand partners, through a co-branded URL, your email address used for Registration on the Service, may be provided to such co-brand partner.

We only use your Zip Code to improve your experience. There are two main reasons why Mint requires your zip code as part of the Registration process for the Service. First, this allows the Service to provide you with accurate automated categorization of your spending by improving our ability to identify merchants both nationally and locally. Second, Mint needs to determine the appropriate time zone in order to send you timely personal finance alerts as part of the Service.

Back to Top4. Changes to your Registration Information

If your registration information changes during your subscription to Mint, you may update the email address and Zip code by emailing us at security@mint.com and providing us with your new information.

Back to Top5. Account Information from Third Parties is only seen by you

As described in the Terms of Use and with your consent, Mint will from time to time connect electronically to your online bank, credit card and other online financial accounts and obtain account information from those third parties (“Account Information”) in order to provide the Service to you.

Mint uses your Account Information as follows:

  • to offer the Service to you;
  • to deliver information relevant to your financial interests, such as offers for ways to save from third party product and service providers (“Mint Offers”)
  • to deliver administrative notices such as alerts and communications relevant to your use of the Service;
  • for market research, project planning, troubleshooting problems, detecting and protecting against error, fraud or other criminal activity; and
  • as otherwise set forth in this Privacy and Security Policy.

Back to Top6. Account Information will not be disclosed

Mint does not sell, rent or disclose your personal Account Information. Mint discloses your Account Information only to you and to third-party contractors who help Mint provide the Service to you.

Mint may anonymize or aggregate financial transaction data derived from Account Information and disclose such data only in a non-personally identifiable manner to:

  • Advertisers and other third parties for their marketing and promotional purposes, such as the number of users who applied for a credit card, or how many users clicked on a particular Mint Offer;
  • Organizations approved by Mint who conduct research into consumer spending.
  • Users of the Service for purposes of comparison of their personal financial situation relative to the broader community.

Such information does not identify you individually.

Back to Top7. Online session information and use is only used to improve your experience

When you visit Mint.com, we may collect technical and navigational information, such as computer browser type, Internet protocol address, pages visited, and average time spent on our Web site. This information may be used, for example, to alert you to software compatibility issues, or it may be analyzed to improve our Web design and functionality.

We may use third party service providers to help us analyze certain online activities. For example, these service providers may help us measure the performance of our online campaigns or analyze visitor activity on Mint.com. We may permit these service providers to use cookies and other technologies to perform these services for Mint. We do not share any personally identifiable information about our customers with these third party service providers, and these service providers do not collect such information on our behalf. Our third party service providers are required to comply fully with this Privacy and Security Policy.

Back to Top8. External service providers will not be given your personal information without your permission

There are a number of separate products and services offered by third parties advertised by us on our site and through the Service that may be complementary to your use of Mint.com (e.g., lenders, banks, credit card issuers, communications providers) and these constitute Mint Offers or ways to save. If you choose to use these separate products or services, disclose information to the providers, and/or grant them permission to collect information about you, then their use of your information is governed by their privacy policy. You should evaluate the practices of external services providers before deciding to use their services. These third party Web sites may have different privacy policies than Mint and Mint is not responsible for their privacy practices. If you click on a link to a third party Web site, Mint encourages you to check the privacy policy of that Web site.

Mint may present links in a format that enables us to keep track of whether these links have been followed and whether any action has been taken on a third party Web site. We use this information to improve the quality of the Mint Offers and customized content on the Service.

Back to Top9. Blogs and other Forums on Mint.com

If you use a bulletin board, blog, or chat room on this Web site, you should be aware that any personally identifiable information you submit there can be read, collected, or used by other users of these forums, and could be used to send you unsolicited messages. We are not responsible for the personally identifiable information you choose to submit in these forums.

Back to Top10. Contests, Giveaways and Surveys

From time to time, Mint may offer you the opportunity to participate in contests, giveaways and other promotions.  Any information submitted in connection with such activities will be treated in accordance with this Privacy and Security Policy.  From time to time, Mint may also ask you to participate in surveys designed to help Mint improve the Web site.  Any Personally–Identifying Information provided to  Mint in connection with any survey will be used only in relation to that survey.

Mint may aggregate survey data and disclose such data only in aggregate and in a non-personally identifiable manner to:

  • Advertisers and other third parties for their marketing and promotional purposes, such as the number of users who have more than one credit card;
  • Users of the Service for purposes of comparison of their personal financial situation relative to the broader community.
  • Such information does not identify you individually.

Back to Top11. Disclosure of your information to protect our rights or if required by law

Notwithstanding the foregoing, Mint reserves the right (and you authorize Mint) to share or disclose your Registration Information and Account information when Mint determines, in its sole discretion, that the disclosure of such information is necessary to identify, contact, or bring legal action against you if:

  • You are or may be violating this Privacy and Security Policy or Mint’s Terms of Use;
  • to prevent potentially prohibited or illegal activities; or
  • Necessary or required by any applicable law, rule regulation, subpoena or other legal process.

Back to Top12. Your data may be transferred upon acquisition of Mint but only in accordance with this policy

Registration Information and Account Information may be transferred to a third party as a result of a sale, acquisition, merger, reorganization or other transfer (a “Transfer”) involving Mint. Mint specifically reserves the right to transfer Registration and Account Information to a third party in connection with a Transfer. Should such a Transfer occur, we will use our best efforts to require that the new combined entity follow this privacy and security policy with respect to your personal information, as and to the extent required by applicable law and require that you receive prior notice if your personal information could be used contrary to this policy.

Back to Top13. You can transport or delete your data

Your data is yours. You can remove it anytime you want. When you request us to delete your account for the Service, your data will be permanently expunged from our primary production servers and further access to your account will not be possible. We will also promptly disconnect any connection we had established to your Account Information. However, portions of your data, consisting of aggregate data derived from your Account Information, may remain on our production servers indefinitely. Your data may also remain on a backup server or media. Mint keeps these backups to ensure our continued ability to provide the Service to you in the event of malfunction or damage to our primary production servers.

Back to Top14. Cookies and Web Beacons are used to analyze site usage and improve the Service

“Cookies” are alphanumeric identifiers in the form of text files that are inserted and stored by your Web browser on your computer’s hard drive. Mint may set and access cookies on your computer to track and store preferential information about you. Mint may gather anonymous information about you through cookie technology on an aggregate level only. For example, Mint may assign a cookie to you, to limit the amount of times you see a particular Mint Offer or to help better determine which Mint Offers to serve to you. Please note that most Internet browsers will allow you to stop cookies from being stored on your computer and to delete cookies stored on your computer. If you choose to eliminate cookies, the full functionality of the Service may be impaired for you.

We encode our cookies so that only we can interpret the information stored in them.

Web beacons are images embedded in a Web page or email for the purpose of measuring and analyzing site usage and activity. Mint, or third party service providers acting on our behalf, may use Web beacons to help us analyze site usage and improve the Service.

Back to Top15. We comply with CAN-SPAM regulations for our newsletters

Mint.com sends only verified, double-opt-in e-mail newsletters, specifically requested by Mint subscribers. Subscriptions to Mint.com newsletters are verified by sending an e-mail confirmation to your e-mail address, which requires a positive response before an e-mail address is added to Mint’s list. Mint.com is fully compliant with the Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003.

Because we provide you the option of receiving our promotional newsletters, Mint.com subscribers have the ability to opt-out of receiving these newsletters by emailing us at security@mint.com. We also will send users service-related emails which they do not have the ability to opt-out of.

Back to Top16. Your data is secure and only seen by you

Simply put, your data is yours and only you (through your Registration Information) have access to your data on the Service.

We use a combination of firewall barriers, encryption techniques and authentication procedures, among others, to maintain the security of your online session and to protect Mint accounts and systems from unauthorized access.

When you register for the Service, Mint requires a password from you for your privacy and security. Mint uses industry-standard 128 bit secure socket layer (SSL) encryption to protect data transmissions between your browser and our servers, such as your Registration Information for Mint.com or account credentials for a third party Web site.

Our servers are in a secure facility and access requires multiple levels of authentication, including biometrics (hand print scan) procedures. Security personnel monitor the system 7 days a week, 24 hours a day. In addition, a Network-based IDS (intrusion detection system) provides 24x7 network monitoring and alerts security personnel to any external attacks on the network.

Our databases are protected from general employee access both physically and logically. All Registration Information and Account Information is stored in an encrypted database, and all backup drives and tapes are encrypted with different keys.

We enforce physical access controls to our buildings.

No employee may put any sensitive content on any unsecure machine (i.e., nothing can be taken from the database and put on an unsecure laptop).

Mint is independently verified secure and private. Mint has been audited by Verisign for its security practices, by Truste for its privacy practices and is tested daily for any failure points that would allow hacking by ScanAlert, HackerSafe.

Back to Top17. Our service ensures secure communications with encryption

From the time you submit your Login ID and Password, these communications between your computer and Mint are encrypted using Secure Sockets Layer (SSL3) technology. SSL enables client and server applications to communicate in a way that is designed to prevent eavesdropping, tampering and message forgery.

To support this technology, you need a recent version of an SSL3-capable, 128-bit browser, such as Netscape, Microsoft Internet Explorer, or AOL. These browsers will activate SSL3 automatically whenever you log on to Mint.

Look for the padlock! To ensure that SSL encryption is protecting your private communications, look for a small picture of a padlock on the browser frame. Another indicator is the URL prefix “HTTPS”. See below:

HTTPS indicator

Internet Explorer 6 SSL

Located in the URL address in all browsers.

Internet Explorer

The padlock appears in the lower right corner of the browser frame.

Internet Explorer 7 SSL Internet Explorer 7 SSL

Mozilla Firefox

Firefox SSL Firefox SSL

The padlock appears to the right of URL in the address bar as well as in the lower frame of the browser

Apple Safari

Safari SSL

The padlock appears in the upper right hand corner of the browser frame.

Netscape

Netscape SSL Netscape SSL

The padlock appears in the lower right hand corner of the browser frame.

If you move the cursor over the “locked padlock” icon, a pop-up message will appear stating “SSL Secured (128 Bit).” Absence of the pop-up message may indicate that you are connected to a “phishing site." For information on phishing, see below.

You must log out each time you have finished accessing your Mint.com account.

Back to Top18. We use authentication to ensure that only you access your account

Authentication is the process you go through on Mint to access secure areas of our Website. This process takes place when you log into your account, the two key components of which are your Login ID and Password.

With regards to passwords, we maintain strict rules to help prevent others from guessing your password. We also recommend that you change your password periodically. Your password must be 6-8 characters in length. You are responsible for maintaining the security of your Login ID and Password. You may not provide these credentials to any third party. If you believe that they have been stolen or been made known to others, you must contact us immediately at security@mint.com to request a change. We are not responsible if someone else accesses your account through Registration Information they have obtained from you or through a violation by you of this Privacy and Security Policy or Mint’s Terms of Use.

If you have a security related concern, please contact us at security@mint.com. We will work closely with you to ensure a rapid and personal response to your concerns.

Back to Top19. We will notify you of any changes in this Privacy and Security Policy

If we decide to change our privacy and security policy, we will update the date upon which this policy, including those changes became effective from at the top of this policy and post those changes to this policy, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it.

We reserve the right to modify this policy at any time, so please review it frequently.

Back to Top20. Former Customers

If you are a former customer, we treat your information in the same manner that we treat information about our current customers.

Back to Top21. Contact us if you have any questions or concerns

If you have questions, comments, concerns or feedback regarding this Privacy and Security Policy, send an e-mail to security@mint.com.

Mint Software, Inc.
280 Hope Street, Mountain View, CA 94041

Phone: (650) 469-1302

- Mint is certified by Verisign
- Mint is certified by Truse E
Mint is certified by Scan Alert
- Mint was named best free finance software
Mint was named as the top rated online finance service AND a top 25 innovation of 2007