Privacy Policy | Kasasa

Privacy policy

Note: Please refer to definitions of terms near the end of this policy.


We are Kasasa, LTD. We provide retail banking products, enabling technologies, and professional services that help community Financial Institutions better serve consumers and their communities.


Federal law requires us to disclose what Personal Identifiable Information (or “PII”) we collect, and how we collect, share, and protect any personal information we receive from Financial Institutions or Consumers interacting with our marketing efforts, products, Services, website or personnel. Please read this notice carefully as it is intended to provide such disclosure to both Financial Institutions and Consumers.



The following privacy policy (“Policy”) applies to interactions with Kasasa and any of the Services, and Kasasa Events in which we participate, unless a different policy is posted or is made available and by its terms supplants this Policy.

Other privacy policies, such as those of third parties that we contract with for specific services and functionality, may also apply in addition to this Policy.


Under no circumstances will Kasasa provide, sell or share any PII with any person or organization except (i) as authorized by the Consumer, (ii) with the Financial Institution used by the Consumer, (iii) with third parties delivering contracted services, (iv) as may be required by law or court order, or (v) as otherwise set forth herein. This Privacy Policy describes the standards we adhere to in handling information about Consumers and any personal information submitted through any of the Services or Kasasa Events in which we participate.

Please reference the following links for additional privacy information that applies to the following offering:

This Policy incorporates by reference the applicable Terms and Conditions (“Terms”), including their limitation of liability and damages.


The types of information we collect and share depends on Services used, websites visited or Kasasa Event(s) in which you participate. This information can include but is not limited to the following:

  • Personal Identifiable Information:
    • Information which identifies the Consumer (e.g. name, address, email address, telephone number, income, age/age range/date of birth, Social Security Number, photograph, or any other information which is personally identifiable).
  • Aggregated and Non-Identifiable Information:
    • Information that we may create or compile from various sources, including but not limited to accounts and transactions. This information contains no personally identifiable elements and is used for our general business and marketing purposes.
  • Nonpublic Personal Information (including PII):
    • Information provided by the Consumer to the Financial Institution (e.g. name, address, email address, telephone number, income, age, financial information or Social Security Number).
    • Information associated with and/or resulting from the Services which is utilized by the Consumer (e.g. payment history, loan or deposit balances, credit card purchases, fees charged, deposits, or interest rates).
    • Information from other sources about the Consumer obtained in connection with providing the Services (e.g. information from the Consumer’s credit report or from court records).

To protect the information listed above from unauthorized access and use, we use security measures that comply with federal law. These measures include physical, electronic, and procedural safeguards.


The Financial Institution may provide detailed account related information via secure means to Kasasa for analysis, processing and reporting purposes in support the Financial Institution’s retail offerings, operational performance and marketing programs. Such information, when associated with PII, may only be used on behalf of your Financial Institution and in concurrence with their published privacy policies and customer/member agreements.

Using Cookies, Clear Gifs, Flash Objects, IP Addresses and data entry forms, we may collect information from a variety of sources and as the result of various interactions with Kasasa.

For example, we collect information when the Financial Institution registers for, subscribes to or submits an application for or use one of the Services.

We also collect information about Consumers when they respond to an advertisement, participate in an online survey or promotion or in a real-time Kasasa Event and when they utilize the “Contact Us” form on one of our websites.

We may also from time to time make various resources, information and Services available to the Financial Institution or the Consumer through our websites and we may collect information in connection with providing such resources, information and/or Services.

Note: You do not have to provide any information to view some of our websites and you are permitted to browse some of our websites anonymously. Certain features of some of the Services, however, are only available to registered Financial Institutions and/or Consumers.


In order for Kasasa to conduct our business and properly support Financial Institutions, we must collect and at times share information about individuals who utilize the products, Services, applications and websites we power. We collect information from and about Consumers for the following general business and marketing purposes. (This list is meant to serve as a guide and is not all inclusive.)

  • General Business Purposes:
    • To conduct, process and deliver Services to Financial Institutions and their participating accountholders (i.e., Consumers).
    • To identify browsers and type of access device to enable content and information to be appropriately displayed in order to improve the online experience.
    • To ensure the proper functioning of the Services and applications.
    • To facilitate the aggregation of accounts and the transmission of financial data for banking purposes.
    • To analyze Consumer activity and related data to identify trends, audit software processes and enhance Services.
    • To verify the identity of the Financial Institution or Consumer so they can access their accounts, conduct transactions, validate account status and manage their accounts.
    • To send participating Financial Institutions and/or Consumers authorized alerts and messages (via SMS or email) about their accounts.
    • To map Consumers locations in relation to the Financial Institutions offices and branches.
    • To enable Consumers to apply for Services that may be of interest to them and to evaluate their eligibility for such Services.
    • To respond to inquiries and requests.
    • To inform Consumers and Financial Institutions of changes in terms, conditions and / or policies regarding the Services.
    • To maintain measures aimed at preventing fraud and protecting the security of accounts and PII.
    • To comply with laws, regulations, and other legal and/or law enforcement requirements.
  • General Marketing Purposes:
    • To conduct market research using aggregated data.
    • To enhance collected information with additional demographic and psychographic data to aid in understanding consumer behavior, product use, interests, opinions and trends.
    • To execute marketing programs either directly or through a third party to promote Services in which we believe the Consumer may have an interest.
    • To execute and administer promotional offers and to notify winners and distribute prizes. These activities will have additional rules and may contain specific information about how PII is collected, used and shared.
    • To facilitate “refer-a-friend” referrals whereby a Consumer can enter another individual’s contact information for the purposes of introducing that individual to Service or financial institution that they may be interested in. For the purposes of this section, we do not store the referred friend’s information. It is used solely to send an email to that individual, and the individual can opt out of receiving additional emails.
    • To evaluate the effectiveness of marketing programs and promotional offers.


We may share the information we collect from and about consumers for the following purposes:

  • Non-Affiliated Third-Party Vendors/Providers:
    • To conduct and deliver services for which we contract with vendors, including, but not limited to, payment services, sending postal and electronic mail, display advertising on websites, performing account aggregation services and providing customer support for Services and Kasasa Events.
    • To upgrade software and provide technical support and issue resolution for the Services.
    • To facilitate, execute and evaluate programs, including, but not limited to, marketing and promotional opportunities, that we or our community financial institution clients execute.
    • To protect our rights and property, to prevent fraud and abuse and to adhere and respond to required laws, court orders and/or other legal requirements.
    • MoneyIsland:
      • If the Consumer is referred to MoneyIsland by one of our participating Financial Institutions, we will share the registration and account number with the referring Financial Institution and notify them when the Consumer activates an account, when the Consumer adds a child/student, when that child/student activates their account and when that individual is eligible for a reward from the referring institution. The referring Financial Institution may use this information for their general business and marketing purposes subject to their own privacy policies. For clarity, we do not collect any PII from or about children therefore no such information is shared with any referring institution.


Consumers can opt out of some information collection and sharing activities, but not all. For example, Consumers cannot opt out of Aggregated and Non-Identifiable Information and Nonpublic Personal Information if shared with non-affiliated third parties to:

  • Market the Financial Institution’s own products or services.
  • Market financial products and services offered by the Financial Institution and another financial institution (Joint Marketing).
  • Process and service transactions the Consumer requests or authorizes.
  • Protect against potential fraud or unauthorized transactions.
  • Respond to judicial process.
  • Comply with federal, state, or local legal and taxation requirements.

Consumers have the right to:

  • Opt out of any continuing marketing or promotional programs by executing the opt-out option included within a marketing or promotional communication.
  • Disabling “Cookies” and “Flash Objects” from your browser. Note that some functionality on some of the websites will be impacted or rendered unavailable if these items are disabled. Industry standards are evolving and we may not separately respond to or take any action with respect to a “do not track” configuration setting in your internet browsers.
  • Delete and/or close their account.

Note: Consumers or Financial Institutions do not have to provide any information to view some of our websites and are permitted to browse some of our websites anonymously. Certain features of some of the Services, however, are only available to registered Financial Institutions and Consumers and to those who have not disabled the tracking items listed above.

In the event that an account is deleted and/or closed at the Financial Institution or the Financial Institution terminates the use of the Services, any PII will no longer be used and will be destroyed or deleted from operational Kasasa systems in accordance Kasasa’s then current internal policies, procedures and timeframes.


We may provide web links to third party websites unaffiliated with Kasasa, such as credit bureaus, service providers or merchants. If you follow web links to websites not affiliated or controlled by Kasasa, you should review their privacy and security policies and other terms and conditions, as they may be different from those on our websites. Kasasa does not guarantee and is not responsible for the privacy or security of these websites, including the accuracy, completeness, or reliability of their information.


Kasasa provides experiences, including Kasasa Events, on social media platforms including, but not limited to, Facebook, Twitter, YouTube and LinkedIn that enable online sharing and collaboration among Financial Institutions and Consumers who have registered to use them. Your participation in any Kasasa Event may be published on various social media platforms, and may include photos and videos from/of the Event. Any content posted on official Kasasa managed social media pages, such as pictures, information, opinions, videos or any personal information that is made available to other participants on these social platforms, is subject to the Terms of Use and Privacy Policies of those respective platforms. Please refer to them to better understand the rights and obligations with regard to such content. In addition, please note that when visiting any official Kasasa social media pages, you are also subject to the Terms and Conditions of Kasasa’s Privacy Notices.


We will enforce this Policy, and if you violate any of its terms, we may prevent you from using any of the Services.


The following definitions applies to your interaction with Kasasa or any of the Services, unless a different policy is posted or is made available and by its terms supplants this Policy.

    • Affiliates: Companies related by common ownership or control. They can be financial and non-financial companies.
    • Aggregated and Non-Identified Information: Data that we may create or compile from various sources, including but not limited to accounts and transactions. This information, which does not identify individual account holders or contain PII, is used for our business purposes, which may include offering products, Services, research, marketing or analyzing market trends, and other purposes consistent with applicable laws.
    • Consumers: Any current or prospective customers or members of Financial Institutions that use, or may use in the future, the Services.
    • Cookies: Cookies are alphanumeric identifiers that are transferred to a computer’s hard drive through the web browser for tracking and record-keeping purposes. These Cookies, however, do not store any PII. We use three different types of Cookies:
      • Session Cookies: exist only during an online session and allow storage of online activities and verify an identity while using a website.
      • Persistent Cookies: remain on the computer after the browser has been closed or the computer has been turned off and track aggregate & statistical information about activity which may be combined with other information.
      • Third Party Cookies: We also may engage third parties, including, without limitation, Google Analytics, to track and analyze non-PII website data. We use the data collected by such third parties to help administer and improve the quality of the Services and to analyze usage. We do not have access to or control over these third party Cookies nor does this Privacy Policy cover such third parties’ use of data.
    • Clear Gifs (aka Web Beacons/Web Bugs, Pixel Tags): Clear gifs are tiny graphics with a unique identifier, similar in function to Cookies, and are used to track the online movements of web users. In contrast to Cookies, which are stored on the computer’s hard drive, Clear Gifs are embedded invisibly on web pages.
    • Financial Institutions: Banks and/or credit unions that contract for the Services.
    • Flash Objects: Also known as local shared objects, these objects help us determine and recognize the browser type and version of Adobe Flash so that one can view “moving content” such as online demonstrations and tutorials on the device when logged onto or return to a website.
    • IP Address: A number that is automatically assigned to the device used by your Internet Service Provider (ISP). An IP Address is identified and logged automatically in our server log files whenever someone visits a website, along with the time of the visit and the page(s) that were visited. Collecting IP Addresses is standard practice on the internet and is done automatically by many websites. We use IP Addresses for purposes such as calculating website usage levels, helping diagnose server problems, for compliance and security purposes and administering our Services.
    • Joint Marketing: A formal agreement between non-affiliated financial companies that together market financial products or services to consumers.
    • Kasasa Event: Any event Kasasa, LTD organizes to educate and raise the general public’s awareness that, as a whole, Financial Institutions offer financial products and services that are competitive with their larger regional and national counterparts.
    • Non-Affiliates: Entities not related by common ownership or control, both financial and non-financial entities.
    • Non-Public Personal Information – Information that consists of:
      • Personally identifiable financial information that is not publicly available information; and
      • Lists, descriptions, or other groupings of individual consumers that were either:
        • Created using personally identifiable financial information that is not publicly available information, or
        • Contain personally identifiable financial information that is not publicly available information.
      • Personal identifiable information or PII: Information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context. PII typically refers to information such as name, address, phone number, email address, date of birth, various identification numbers such as social security numbers, etc.
      • Services: Collectively refers to any and all of Kasasa’s products, services, applications and/or websites that Kasasa powers independently or on behalf of Financial Institutions.


California residents may request a list of certain third parties to which we have disclosed personal information about you for direct marketing purposes. You may make one request per calendar year. In your request, please attest to the fact that you are a California resident and provide a current California address for your response. You may request this information in writing by contacting us at Kasasa, LTD, Attn: Compliance Manager, 4516 Seton Center Parkway, Ste. 300, Austin, TX 78759 or emailing us at Please allow up to thirty (30) days for a response.


We reserve the right to modify this Policy at any time without notice, so please review it frequently. If we make changes to this Policy, we will post these changes on this website and the changes will be deemed effective immediately upon the date of such posting. The most current version of the Privacy Policy will always appear on this website and the most recent version shall supersede any and all other versions of this Policy. Continued use of the Services following the posting of these changes or modifications will constitute acceptance of such changes or modifications. PLEASE PRINT AND RETAIN A COPY OF THIS AGREEMENT FOR YOUR RECORDS.


If you have any questions regarding this Policy, please contact us at:

Kasasa, LTD
4516 Seton Center Parkway;
Suite 300
Austin, TX 78759

4516 Seton Center Parkway
Suite 300
Austin, TX 78759
1 (877) 342-2557