Online Privacy Practices

Updated May 2018

SunTrust has a longstanding commitment to protecting the confidentiality and security of our clients’ personal information. We believe it is helpful to have an overview of how this commitment is applied as SunTrust collects, uses, and protects your personal information when you visit us online or on our mobile and tablet applications.

SunTrust’s business address is SunTrust Plaza, 303 Peachtree Street, Northeast, Atlanta, GA 30308-3201, USA. Customer Service can be reached at 800.786.8787 (800.SUNTRUST).

What information do we collect?

When you visit a SunTrust website, application or otherwise interact with us online, we may collect the below information:

  • Your browser type
  • Your IP address (Your IP address is a number that is automatically assigned to your device by your Internet Service Provider. An IP address is identified and logged automatically whenever you visit a site, along with the time of the visit and the page(s) that were visited).
  • The presence of any software on your device that may be necessary to view our site
  • Information about the device you are using
  • Personal information submitted on applications, forms, and electronic messaging. Personal information includes:
    • Name
    • Social Security Number
    • Address
    • Email
    • Telephone number
    • Account numbers
    • Usernames
    • Passwords
    • Other non-public information
  • Website analytics information such as pages visited and average time spent on a particular page
    • If you would prefer that your movements and actions online at not be monitored, you can Opt-Out of tracking.
      • NOTE: It is necessary to install a cookie on your browser to identify that you have opted-out. If you delete the opt-out cookie, or change devices or web browsers, you will need to opt-out again.
  • Search engine traffic referral information
  • Responses to advertisements and promotions
  • Transactional information from behind the secure login about your relationship with us (such as types of accounts or the state in which you bank)

How do we use the information we collect?

The information we collect online helps SunTrust to:

  • Analyze our site usage and enhance the user's experience:
    • Diagnose server problems
    • Alert users of any possible software compatibility issues
    • Help us make decisions about how various technologies are used and identify usage trends
  • Send marketing communications:
    • Present personalized offers, ads, or content we believe may be of interest to you
    • Determine the effectiveness of promotional campaigns
  • Make business decisions:
    • Analyze data
    • Perform market research
    • Conduct audits
    • Develop and improve products and services
  • Effectively manage your account:
    • Ensure your identity and protect the security of your personal and account information from unauthorized access
    • Process transactions on your account
    • Respond to product applications and questions
    • Fulfill regulatory requirements

Where required by applicable data protection laws, we only use personal information that we have about you where we have a legal basis to use such personal information under such applicable data protection laws.

How Do We Share The Information We Collect?

Please see the SunTrust Consumer Privacy Preferences Notice for information on how your personal information may be shared and how you may be able to limit certain types of sharing.  Please see the SunTrust Privacy Policy for the reasons we share your personal information.

Visiting the SunTrust Website From Outside the United States

If you are visiting the SunTrust website, please be aware that your personal information may be transferred to, or stored and processed in, the United States.  We will rely on legally-provided mechanisms (e.g., derogations such as performance of a contract) to lawfully transfer personal data across borders. 

Retention Period

We store your personal information as long as it is required to meet our contractual and legal obligations, or if we have a legitimate business need to do so.  

Technologies we use

SunTrust and its online advertising and marketing partners may employ various technologies to collect information, including:

  • Cookies: Cookies are pieces of information stored directly on your device. Cookies provide information that is used for security purposes, to facilitate navigation, to display information more effectively and to personalize/customize your online experience. You can choose to block these cookies as most devices and browsers offer their own privacy settings.  Doing so, however, may result in diminished performance on our site.
  • Pixel tags, web beacons, clear GIFs or other technologies: This technology may be placed on certain pages of our website, applications, emails and other marketing initiatives. These tags usually work in conjunction with cookies, and allow us to measure the effectiveness of our site and compile statistics about usage and response rates.
  • Adobe® Flash® objects: Flash objects are data files that can be created on your computer by the sites you visit. These objects help us recognize you and your device and are vital for online authentication. For SunTrust web pages running Adobe Flash content, we use Flash objects to determine your browser type and version of Adobe Flash in order for you to view the content. Deleting cookies does not delete Flash objects. If you disable Flash objects, you may not be able to access and use parts of SunTrust websites. Learn more about Flash objects and how to control and disable them at the Adobe website.
  • Cross-Device Tracking: SunTrust participates in the Adobe Marketing Cloud Device Co-op, which helps companies build websites, applications and advertisements that seamlessly flow between all your devices (devices could include a desktop, laptop, tablet, phone or smart watch).  The Device Co-op recognizes which of your devices are linked – used by the same person— through use of technology that includes cookies and your IP address (without collecting your personal information). Visit the Adobe website for more information on cross-device tracking and/or to unlink your devices.
  • Firewalls, passcodes, data encryption and other safety features: SunTrust uses these technologies to ensure that the information you provide us remains secure. Learn more about how we safeguard your information online, and learn measures you can take to protect yourself.

Interacting with SunTrust online

Online advertising on SunTrust websites and applications
SunTrust advertises its products and services on pages within our sites and on mobile applications. To make the content and advertising as informative and useful as possible, SunTrust may target and personalize content and advertisements for products and services on our site and within Online Banking (when clients sign on or off to online accounts with their user ID/password).

If you would prefer to not receive personalized banner advertisements, content, and offers on unauthenticated pages (before sign-in), you can opt out (clicking this link will activate the opt-out). Opting out will not prevent you from receiving banner ads, but the ads you are served will not be personalized.

If you would prefer to not receive a specific advertisement, content or offers on SunTrust authenticated (after signing-in) pages, you can click “No Thanks” to the specific pop-up ad you are being presented. Note that this will not prevent you from potentially receiving other ads, content or offers for a different product or service. Also note that simply closing the pop-up message by clicking on the “X” will not register that you do not wish to receive this specific message again.  

Online advertising on third-party websites and applications

SunTrust advertises its products and services on websites and applications not affiliated with SunTrust. The third-party companies we hire to display these ads use their own tracking technologies to measure the effectiveness of these ads and to understand your interest. Many of our third-party partners have their own privacy policies. We encourage you to review these policies carefully.

Some of our third-party advertising is interest-based and may use information about your online interests to customize the online ads you see. SunTrust has adopted the use of the AdChoices Icon (also known as the Advertising Option Icon) for our interest-based advertising (excluding ads appearing on platforms that do not accept the icon). Anyone receiving an interest-based ad can click on the displayed icon to receive more information. The AdChoices Icon does not prevent you from receiving advertisements, but allows you to control whether you receive interest-based advertisements and from which companies. Visit the Digital Advertising Alliance website for more information about the AdChoices Icon and interest-based advertising.

Third-party aggregation services and tools

Aggregation allows you to gather information from many websites and view that information in a consolidated format. An example of why you might use a third-party aggregation tool is if you wanted a comprehensive view of assets and liabilities held within your financial accounts. If you provide information about your SunTrust accounts (including your access information) to an aggregation service provider, we will consider that as your having authorized all transactions initiated by that aggregation site. SunTrust reserves the right to disable aggregation for any account without notice. If you wish to cancel your third-party aggregation services you should also change your password at

Social Media
SunTrust provides experiences on social media platforms such as Facebook or Twitter that enable online sharing and collaboration. Any content you post, such as pictures, information, opinions, or any personal information that you make available to other participants on these social platforms, is subject to the terms of use and privacy policies of those platforms. Please refer to them to better understand your rights and obligations with regard to such content.

Given the very public nature of social media, it is critical that we all safeguard confidential financial information. If you post information on a SunTrust site that we feel should be shielded from public view, we will remove it. This includes not only specific details about your SunTrust accounts and other private, confidential information (such as your Social Security Number), but details of information relayed in private conversations between you and SunTrust representatives. Please know that in taking down or editing your posts, we are focusing our experience and best judgment to keep your personal information safe.

Linking to other sites
SunTrust may provide links to non-SunTrust companies, such as credit bureaus or merchants, and will notify you when leaving the SunTrust site. If you choose to link to websites not controlled by SunTrust, we are not responsible for the privacy or security of these sites, including the accuracy, completeness, reliability or suitability of their information. If you are asked to provide information on one of these sites we urge you to carefully study their privacy policies before sharing.

Protecting your children
SunTrust strictly follows the federal guidelines of the Children’s Online Privacy Protection Act (COPPA) which gives parents control over what type of information is collected online about their children. We do not knowingly collect, maintain, or use personally identifiable information from children under age 13 on our websites. We are not responsible for the data collection and use practices of nonaffiliated third-parties that are linked from our websites. Visit the COPPA Website for more information.


To protect personal information from unauthorized access and use, we use security measures that comply with applicable federal and state laws.  These measures may include device safeguards and secured files and buildings as well as oversight of our third party service providers to ensure information remains confidential and secure.  Please visit for additional information.

Making Sure Your Information is Accurate and Individual Rights

Keeping your account information accurate and up to date is very important. If your account information is incomplete, inaccurate or not current, please contact us at, or call or write to us at the telephone numbers or appropriate address for changes listed on your account statements, records, online or other account materials. You can also speak to a customer representative at a branch location, your financial advisor, or an account representative.

We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.  We may ask you to verify your identity in order to help us respond efficiently to your request.

Under non-US data protection laws, you may have the right to complain to a data protection authority about our collection and use of your personal information.

Control your online privacy preferences

In summary, the below links can help you to customize and control your privacy preferences when interacting with SunTrust online:

  • Opting-out of website analytics tracking
    • If you would prefer that your movements and actions online at not be monitored, you can opt-out of tracking.
      • NOTE: It is necessary to install a cookie on your browser to identify that you have opted-out. If you delete the opt-out cookie, or change devices or web browsers, you will need to opt-out again.
  • Opting-out of personalized offers
    • If you would prefer to not receive personalized banner advertisements, content and offers on the unauthenticated pages (before sign-in) of, you can opt-out (clicking this link will activate the opt-out).

You can also control your marketing preferences for direct mail, email and telemarketing preferences, along with the sharing of your personal information via our Client Privacy Preferences Form.

Online Privacy Practices Updates

SunTrust’s Online Privacy Practices may be revised from time to time, so please review them periodically. Any changes will become effective when we post the revised Practices on the site (please note the effective date listed at the top of this page). If we revise our Online Privacy Practices in a material way, we will provide a conspicuous notice on our website when any changes take effect.

Contact Us

If you have any questions or comments on our Online Privacy Practices, please contact us at: