Privacy or rewards? Some card programs force you to choose


Privacy or rewards? Some card programs force you to choose
Privacy or rewards? Some card programs force you to choose

Want your bank or credit card issuer to keep your information private? You may have to give up some perks.

Some cardholders have found that if they opt out of allowing their bank to share their personal information with third parties, they can no longer take advantage of certain cash-back offers from merchants.

Those rewards, which the industry calls "card-linked loyalty offers," typically pop up on your bank's website or app. You click on an offer to activate it on your card -- say, $10 cash back if you spend $25 at Panera or $15 back if you spend $79 at Wal-Mart -- and then when you shop there, the reward is loaded directly onto your card.

Consumers like card-linked offers because they're simple and convenient -- you don't have to print anything or remember to bring a piece of paper into the store. And unlike other forms of advertising, they're highly personalized.  

"What typically happens with these offers is that merchants use transactional payment information to create specific campaigns they think will be valuable and relevant to you," said Alex Johnson, senior analyst in the credit advisory service at Mercator Advisory Group. So a retailer may target you if you shopped there in the past but haven't made a recent purchase, or if you shopped at a nearby competitor.  

That individualization makes the offers more relevant, but it's also why some -- but not all -- card issuers exclude customers who don't want their data shared.

"The way some programs work, if you opt out of sharing, the issuer can't give the merchant the data they need to create those offers," Johnson said.

Federal law requires annual privacy notices
Under federal law, financial institutions must send customers a privacy notice every year listing the ways they may share your information and giving you the option to opt out.

Jason Berk of Long Island, New York, took advantage of that option after receiving a privacy notice from his bank, First Tennessee. A few months later, he received an email from First Tennessee touting "cash rewards" from several retailers. But when he clicked on the link, a message popped up saying the offers weren't available to him. A customer service rep explained he wasn't eligible because he opted out of information sharing.

"I was really upset," Berk said. "I felt like they were penalizing me for opting out. Customers shouldn't be under that kind of pressure."

When inquired, a spokesman emailed a statement from Chris Van Steenberg, who oversees the bank's credit operations. Steenberg said the offers are specific to each card and vary based on where the cardholder already shops and the purchases made with the card.

In order to provide offers relevant to each specific cardholder, we must share customer information.

-- Chris Van Steenberg
First Tennessee Bank

"In order to provide offers relevant to each specific cardholder, we must share customer information," the statement said. "However, the privacy opt-out does not allow us to share the information required to offer these rewards. Therefore, we cannot include cardholders that have elected the privacy opt-out. For the Cash Rewards program to work as intended and provide the most benefit to each individual customer, sharing of customer information is required."

Steenberg noted that cardholders who opt out are still eligible for the bank's main rewards program, which allows customers to earn points for dollars spent on the card. Those points can be redeemed for merchandise or cash back.

That did little to appease Berk, who said they shouldn't need his information to grant the merchant cash-backs: "Why can't purchases I make at specific retailers be tagged by First Tennessee internally, so that discounts can be applied without sharing my information?" He noted that other financial institutions and organizations seem to be able to do that.

Other banks' programs
Indeed, several card issuers, including Bank of America and American Express, told they are able to extend card-linked offers even to customers who opt out. "We do analyze your shopping habits, but it's all done internally," said AmEx spokeswoman Ashley Tufts. "We have a closed loop." 

Johnson said the discrepancy may stem from mechanical differences in how the programs are run or who funds the rewards -- the bank or the retailer. If a reward is purely merchant-funded or merchant-driven, the merchant needs access to the data in order to offer relevant rewards, he said.

Silvio Tavares, CEO of The CardLinx Association trade group, said the fact that some banks don't provide the benefit to cardholders who take the privacy opt-out demonstrates how different card-linked offers are from other forms of digital advertising, which may use your data whether you like it or not.

"This is an explicit bargain," Tavares said. "The consumer says, 'I'm willing to share a little data, and in return I get a benefit to me.' With these deals, you are in control of your data."

In most cases, he said, customers have to opt in twice to receive the deals: once when they agree to have their information shared and then again by clicking on an offer to load it onto their card. "Most advertising is spam that you don't want," he said. "The thing that's different about these is that it's 100 percent opt-in."

Gary Leff, a credit card rewards consultant who blogs at, said he hasn't heard any complaints about the practice, but he personally doesn't mind sharing data in order to receive more relevant offers and rewards he might actually be interested in.

Leff said a customer's transaction data is extremely valuable, and he wouldn't be surprised if more banks started capitalizing on that by requiring customers to share information before they can earn rewards. "Although it may not be common now, the banks that are doing it may be the start of a trend," he said. "Banks could fund their entire rewards programs by monetizing that data."

See related: Cross-device tracking raises privacy issues

Published: July 29, 2015

Join the discussion
We encourage an active and insightful conversation among our users. Please help us keep our community civil and respectful. For your safety, do not disclose confidential or personal information such as bank account numbers or social security numbers. Anything you post may be disclosed, published, transmitted or reused.

If you are commenting using a Facebook account, your profile information may be displayed with your comment depending on your privacy settings. By leaving the 'Post to Facebook' box selected, your comment will be published to your Facebook profile in addition to the space below.

The editorial content on is not sponsored by any bank or credit card issuer. The journalists in the editorial department are separate from the company's business operations. The comments posted below are not provided, reviewed or approved by any company mentioned in our editorial content. Additionally, any companies mentioned in the content do not assume responsibility to ensure that all posts and/or questions are answered.

Follow Us

Updated: 10-21-2016

Weekly newsletter
Get the latest news, advice, articles and tips delivered to your inbox. It's FREE.