Legal, Regulatory, and Privacy Issues

Privacy or rewards? Some card programs force you to choose


Some banks won’t let you fully participate in their rewards program if you opt out of them sharing your data

The content on this page is accurate as of the posting date; however, some of our partner offers may have expired. Please review our list of best credit cards, or use our CardMatch™ tool to find cards matched to your needs.

Want your bank or credit card issuer to keep your information private? You may have to give up some perks.

Some cardholders have found that if they opt out of allowing their bank to share their personal information with third parties, they can no longer take advantage of certain cash-back offers from merchants.

Those rewards, which the industry calls “card-linked loyalty offers,” typically pop up on your bank’s website or app. You click on an offer to activate it on your card — say, $10 cash back if you spend $25 at Panera or $15 back if you spend $79 at Wal-Mart — and then when you shop there, the reward is loaded directly onto your card.

Consumers like card-linked offers because they’re simple and convenient — you don’t have to print anything or remember to bring a piece of paper into the store. And unlike other forms of advertising, they’re highly personalized.

“What typically happens with these offers is that merchants use transactional payment information to create specific campaigns they think will be valuable and relevant to you,” said Alex Johnson, senior analyst in the credit advisory service at Mercator Advisory Group. So a retailer may target you if you shopped there in the past but haven’t made a recent purchase, or if you shopped at a nearby competitor.

That individualization makes the offers more relevant, but it’s also why some — but not all — card issuers exclude customers who don’t want their data shared.

“The way some programs work, if you opt out of sharing, the issuer can’t give the merchant the data they need to create those offers,” Johnson said.

Federal law requires annual privacy notices
Under federal law, financial institutions must send customers a privacy notice every year listing the ways they may share your information and giving you the option to opt out.

Jason Berk of Long Island, New York, took advantage of that option after receiving a privacy notice from his bank, First Tennessee. A few months later, he received an email from First Tennessee touting “cash rewards” from several retailers. But when he clicked on the link, a message popped up saying the offers weren’t available to him. A customer service rep explained he wasn’t eligible because he opted out of information sharing.

“I was really upset,” Berk said. “I felt like they were penalizing me for opting out. Customers shouldn’t be under that kind of pressure.”

When inquired, a spokesman emailed a statement from Chris Van Steenberg, who oversees the bank’s credit operations. Steenberg said the offers are specific to each card and vary based on where the cardholder already shops and the purchases made with the card.

“In order to provide offers relevant to each specific cardholder, we must share customer information,” the statement said. “However, the privacy opt-out does not allow us to share the information required to offer these rewards. Therefore, we cannot include cardholders that have elected the privacy opt-out. For the Cash Rewards program to work as intended and provide the most benefit to each individual customer, sharing of customer information is required.”

Steenberg noted that cardholders who opt out are still eligible for the bank’s main rewards program, which allows customers to earn points for dollars spent on the card. Those points can be redeemed for merchandise or cash back.

That did little to appease Berk, who said they shouldn’t need his information to grant the merchant cash-backs: “Why can’t purchases I make at specific retailers be tagged by First Tennessee internally, so that discounts can be applied without sharing my information?” He noted that other financial institutions and organizations seem to be able to do that.

Other banks’ programs
Indeed, several card issuers, including Bank of America and American Express, told they are able to extend card-linked offers even to customers who opt out. “We do analyze your shopping habits, but it’s all done internally,” said AmEx spokeswoman Ashley Tufts. “We have a closed loop.”

Johnson said the discrepancy may stem from mechanical differences in how the programs are run or who funds the rewards — the bank or the retailer. If a reward is purely merchant-funded or merchant-driven, the merchant needs access to the data in order to offer relevant rewards, he said.

Silvio Tavares, CEO of The CardLinx Association trade group, said the fact that some banks don’t provide the benefit to cardholders who take the privacy opt-out demonstrates how different card-linked offers are from other forms of digital advertising, which may use your data whether you like it or not.

“This is an explicit bargain,” Tavares said. “The consumer says, ‘I’m willing to share a little data, and in return I get a benefit to me.’ With these deals, you are in control of your data.”

In most cases, he said, customers have to opt in twice to receive the deals: once when they agree to have their information shared and then again by clicking on an offer to load it onto their card. “Most advertising is spam that you don’t want,” he said. “The thing that’s different about these is that it’s 100 percent opt-in.”

Gary Leff, a credit card rewards consultant who blogs at, said he hasn’t heard any complaints about the practice, but he personally doesn’t mind sharing data in order to receive more relevant offers and rewards he might actually be interested in.

Leff said a customer’s transaction data is extremely valuable, and he wouldn’t be surprised if more banks started capitalizing on that by requiring customers to share information before they can earn rewards. “Although it may not be common now, the banks that are doing it may be the start of a trend,” he said. “Banks could fund their entire rewards programs by monetizing that data.”

See related:Cross-device tracking raises privacy issues

Editorial Disclaimer

The editorial content on this page is based solely on the objective assessment of our writers and is not driven by advertising dollars. It has not been provided or commissioned by the credit card issuers. However, we may receive compensation when you click on links to products from our partners.

What’s up next?

In Legal, Regulatory, and Privacy Issues

3 tips for using credit card price protection

Price protection is a little-known credit card perk that could save you hundreds of dollars, but you have to know how it works to take advantage

See more stories
Credit Card Rate Report
Cash Back

Questions or comments?

Contact us

Editorial corrections policies

Learn more