Effective as of January 10, 2022
Your privacy is important to us. The purpose of this Online Privacy Policy (as updated from time-to-time, this “Online Privacy Policy”) is to explain the data collection and privacy practices of the following Goldman Sachs consumer and small business platforms: the Marcus by Goldman Sachs website, currently located at https://www.marcus.com and https://www.marcus.com/us/en/invest, mobile app, and associated Products; and any other website, mobile app, or email associated with the above that is owned or operated by us, and on which this Online Privacy Policy appears or is linked. Each mobile app referenced in the prior sentence individually may be referred to as an “App”; each website, a “Site”; and the Apps and Sites together, collectively, the “Service”.
This Online Privacy Policy includes the following information:
If you have other relationships with Goldman Sachs that are not listed above, please visit the Goldman Sachs Privacy and Cookies Website for more information about how your personal information is processed and to understand your rights and choices for those services.
We want you to understand the following defined terms that we use throughout this Online Privacy Policy, when we use:
If you have signed up for, applied for, have or previously had one of our consumer Products, the Marcus Consumer Privacy Notice will apply to you. This provides more information about how we collect and share your personal information and outlines certain choices you may have. If there is a conflict between this Online Privacy Policy and any privacy notice, disclosure, policies or terms relating to any Product, the privacy notice, disclosure, policies or terms relating to the Product will govern.
We may collect or generate personal information about you, or a third party acting upon your instruction, in a number of ways and from a number of sources depending on the product or service and the relationship we have with you. For example:
See below for a list of the categories of personal information, along with some descriptions and examples, that we may collect or generate through each of the processes described above. In the past 12 months, we have disclosed each category of personal information to one or more of the types of third parties listed in Section 4, below.
Although you don’t have to supply any of the personal information we request, we may not be able to provide Products to you or you may not be able to interact with our Service if you do not.
Personal information does not include information that has been anonymized or aggregated so that it does not identify an individual.
We use personal information for the following business purposes:
We may also use your personal information for any other purpose that we disclose at the time you provide, or when we collect, your information, and other purposes permitted by applicable law.
We may also use data that we collect on an aggregate or anonymous basis for various business purposes, where permissible under applicable laws and regulations.
If your relationship with us ends, we will continue to treat your personal information, to the extent we continue to maintain use, and share it, as described in this Online Privacy Policy or as set forth in the privacy notice for the applicable Products and Service.
We share personal information as set forth below:
We also share personal information with others when you provide your consent, such as to our cobrand partners, data aggregators, and with your authorized representatives, agents and beneficiaries.
We are required to identify the categories of personal information we share with third parties for business purposes. We disclose the categories of personal information listed in Section 2 above for business purposes.
California law requires that we describe certain disclosures of personal information where we receive monetary or other valuable consideration. We do not sell, and have not sold in the preceding 12 months, personal information to third parties as defined under California law. We do not knowingly sell the personal information of minors under 16 years of age.
We and our service providers use tracking technologies such as cookies, web beacons, session replay, device advertising IDs and similar technologies on the Service and in our email communications. These technologies collect information about use of the Service, such as browser, device information and browsing information that includes time/date of access and time spent on the Service, pages visited, language preferences, how users interact with our Service, and other traffic data. Pixels or similar technologies may also be used in our emails to determine whether you have opened our emails and how you interact with it.
These technologies are used for a number of business purposes, such as to record your preferences, track your use of the Service across multiple devices, track how you interact with our communications, suggest products tailored to you, measure exposure to our online advertisements, monitor traffic, analyze use of the Service, for security purposes, to display information more effectively, to personalize a user’s experience, and to improve the Service and make the Service easier to use.
You have choices to limit some tracking mechanisms that collect information when you use the Service. Many web browsers automatically accept cookies, but you can usually modify your browser’s setting to decline cookies if you prefer. If you choose to decline cookies, certain features of the Service may not function properly or may not remain accessible to you. You may be able to prevent us from determining whether you have opened our emails via pixel technology by configuring your email client to not load images in emails.
For more information about your choices, see Interest-Based Advertising below.
Cookies are small text files that may be placed on your device when you visit the Service or when you view advertisements that we have placed on other websites. Cookies allow your browser to remember some specific information which the web server can later retrieve and use. When you quit your browser, some cookies are stored in your computer’s memory, while some expire or disappear.
A web beacon, also known as an Internet tag, pixel tag or clear GIF, is typically a one-pixel, transparent image located on a webpage or in an email. These may be used when you visit the Service, are served with advertisements, when you interact with advertisements outside of our online services, or when you interact with our communications. They are generally used to transmit information back to a web server.
Interest-based advertising refers to collecting information about your online activities over time and across different websites, devices, and other online services to deliver advertisements based on online activity. We use interest-based advertising to deliver advertisements and other targeted content to you, including through third-party advertising companies which we may permit to track your visits to the Service. These third parties may use these technologies to collect information about you when you use the Service and your other online activities. They may collect information about your online activities over time and across different websites and other online services. They may also use persistent identifiers to track your Internet usage across other websites and devices in their networks beyond the Service. They may use this information to provide you with interest-based advertising or other targeted content.
We, and many of the third-party advertisers that place tracking tools on the Service, are members of the Interactive Advertising Bureau’s Self-Regulatory Program for Online Behavioral Advertising. Some of our ads that are displayed on third-party websites will feature an AdChoices icon inside the ad. Clicking on the AdChoices icon inside the ad will provide you an opportunity to opt out of interest-based advertising by the third parties that participate in the program. In addition, you can learn more about the options available to limit these third parties’ collection and use of your information by visiting our opt-out page and the websites for the Network Advertising Initiative and the Digital Advertising Alliance, as well as the webpages for Facebook’s ad preferences tool and privacy policy. Users of our mobile applications may install the Digital Advertising Alliance’s AppChoices mobile app, available here, and choose to opt out of participating advertising networks’ use of mobile app activity for interest-based advertising purposes.
If you choose to opt-out via the web-based tools, a cookie will be placed on your browser indicating your decision. This cookie is specific to a particular device and browser, so if you use different browsers or devices, you will need to opt-out on each. In addition, because the opt-out is facilitated via cookies, if you clear your cookies you will need to opt-out again. Likewise, mobile app opt-outs via AppChoices are based on your mobile device’s advertising identifier, so if you reset it, you will need to opt-out again via AppChoices.
We use Google Analytics, a web analytics service provided by Google, Inc. (“Google”), on the Service. Google Analytics uses cookies or other tracking technologies to help us analyze how users interact with and use the Service, compile reports on the Service’s activity and provide other services related to Service activity and usage. The technologies used by Google may collect information such as your IP address, time of visit, whether you are a return visitor and any referring website. The information generated by Google Analytics will be transmitted to and stored by Google and will be subject to Google’s privacy policies. To learn more about Google’s partner services and to learn how to opt out of tracking of analytics by Google, click https://www.google.com/policies/privacy/partners/.
We may use Google Maps API and Places API features and content, for example to help auto-complete address information on the Service. By using the Service, you agree to be bound by the then-current Google Maps/Google Earth Additional Terms of Service and Google Privacy Policy. To learn more about Google Maps/Google Earth Additional Terms of Service and the Google Privacy Policy, please visit https://maps.google.com/help/terms_maps.html and https://www.google.com/policies/privacy/, respectively.
We take the security of personal information, including U.S. Social Security numbers, seriously and work to limit access to personal information to authorized employees, agents, contractors or vendors. We also maintain physical, electronic and procedural safeguards designed to protect the information against loss, misuse, damage or modification and unauthorized access or disclosure while in our possession.
You may receive a privacy notice in connection with our Products that describe privacy choices. You may contact us to exercise your choices by following any instructions contained in our privacy notice or marketing materials.
In most cases, you can communicate with us through the Service. If you need to contact us for more information about our privacy policy and practices, or because you have questions or concerns, you may do so using the information listed below:
California residents have certain rights in relation to their personal information pursuant to the California Consumer Privacy Act (CCPA). These include the right to:
California residents should be aware that this section does not apply to:
If you would like to discuss or exercise such rights, please contact us through our CCPA Intake Form or at 1-833-971-0826. As part of submitting a request, we will ask for your name, email address, phone number, date of birth, and mailing address.
California law requires that we verify the requests we receive from you when you exercise certain of the rights listed above. To verify your request, we will check the information you provide us in your request against third party identity verification tools, as well as verify that any personal information relates to you. As part of this process, we may call you after you submit your request to verify information. You may also designate an authorized representative to exercise the rights listed above on your behalf by providing the authorized representative with power of attorney pursuant to the California Probate Code, and the representative may make the request by following the instructions above. If an authorized representative submits a request on your behalf, we will contact you to verify that they represent you.
For more information about Goldman Sachs Bank USA’s consumer finance products 2020 consumer rights request metrics please click here.
Any natural person using the Service must be at least 18 years of age. The Service may only be used in the United States, including its territories, or on a United States military base. If you do use the Service outside of the United States, your personal information may be transferred to the United States or other locations outside of your state, province, or country, where privacy laws may not be as protective as those in your state, province, or country. Except as provided in the next sentence, this Online Privacy Policy shall be governed by and construed in accordance with federal law and any applicable laws of the State of Utah without regard to rules concerning conflicts of law or choice of law. If you are a New York resident, this Online Privacy Policy shall be governed by and construed in accordance with federal law and the laws of the State of New York, without regard to rules concerning conflicts of law or choice of law.
If you decide at any time that you no longer wish to receive marketing emails from one of our lines of business, please follow the “unsubscribe” instructions provided in such emails. Please note that even if you unsubscribe, we may continue to send transactional or administrative emails, such as legally required, regulatory, billing, or service notifications. Your mobile device settings may provide functionality to control push notifications that we may send.
We do not place marketing telephone calls to numbers appearing on a state or federal do not call list (unless permitted by applicable law) or to the number of a person who has requested not to receive telemarketing calls made by or on behalf of us. If you ask not to receive telemarketing calls from us, you will be placed on our internally-maintained do not call list and will not be called during any future telemarketing campaigns. Any request to be placed on our internally-maintained do not call list will be processed within a reasonable amount of time, not to exceed 30 days. Our employees involved in our telemarketing campaigns receive training on how to use our internally-maintained do not call list, and how to document, process and honor requests to be placed on our internally-maintained do not call list. It is our policy to honor a “do not call” request for five (5) years from the time the request is made. However, some states have do not call laws that require us to honor such a request for a longer period of time, and it is our policy to comply with those laws when applicable. Subject to applicable law, if you communicate with us by telephone, we may monitor and may record the call. We reserve the right to revise this Do Not Call Policy.
Your browser or device may include Do Not Track functionality. The Sites are not built to respond to Do Not Track. That means that, even if your browser is set to “Do Not Track,” our information collection and disclosure practices (including the choices that we provide to customers) will continue to operate as described in this Online Privacy Policy.
We encourage security professionals to practice responsible disclosure and let us know right away if a vulnerability is discovered with our Products or on the Service. We will investigate all legitimate reports and follow up if more details are required. Goldman Sachs has engaged with HackerOne to manage all submissions. You can submit vulnerability reports at https://hackerone.com/goldmansachs
The Service may contain links and other functionality that connect with certain sites and applications not provided by us, including social media sites and sites hosted by a third party service provider (“Third-Party Sites”). We are providing these links and functionality solely as a convenience to you. We are not responsible for and have no liability for the content, features, products, services, privacy policies or terms of service of any Third-Party Sites. The fact that we have provided a link to a Third-Party Site is not an endorsement of that Third-Party Site (including any information or content made available throughout such site) or its owners, sponsors or operators. We have not tested any information, software or products found on any Third-Party Site and therefore do not make any representations about those sites or any associated products or services.
We may change this Online Privacy Policy from time-to-time. If we make changes to this Online Privacy Policy, we will update the “Effective as of” date at the top of this page. Any changes to this Online Privacy Policy will become effective when posted unless indicated otherwise. Your continued use of the Service following the posting of any changes will mean that you accept those changes.
Marcus by Goldman Sachs® is a brand of Goldman Sachs Bank USA and Goldman Sachs & Co. LLC (“GS&Co.”), which are subsidiaries of The Goldman Sachs Group, Inc.
All loans, deposit products, and credit cards are provided or issued by Goldman Sachs Bank USA, Salt Lake City Branch. Member FDIC.
Brokerage and investment advisory services offered by Marcus Invest are provided by GS&Co., which is an SEC registered broker-dealer and investment adviser, and member FINRA/SIPC. Research our firm at FINRA's BrokerCheck. Custody and clearing services are provided by Apex Clearing Corporation, a registered broker-dealer and member FINRA/SIPC. Please consider your objectives before investing. A diversified portfolio does not ensure a profit or protect against a loss. Past performance does not guarantee future results. Investment outcomes and projections are forward-looking statements and hypothetical in nature. Neither this website nor any of its contents shall constitute an offer, solicitation, or advice to buy or sell securities in any jurisdictions where GS&Co. is not registered. Any information provided prior to opening a Marcus Invest account is on the basis that it will not constitute investment advice and that GS&Co. is not a fiduciary to any person by reason of providing such information. For more information about Marcus Invest offerings, visit our Full Disclosures.
© 2022 The Goldman Sachs Group, Inc. All rights reserved.
NMLS ID: 208156. NMLS Consumer Access Website: www.nmlsconsumeraccess.org
Investment products are: NOT FDIC INSURED ∙ NOT A DEPOSIT OR OTHER OBLIGATION OF, OR GUARANTEED BY, GOLDMAN SACHS BANK USA ∙ SUBJECT TO INVESTMENT RISKS, INCLUDING POSSIBLE LOSS OF THE PRINCIPAL AMOUNT INVESTED