In today's environment, where people are subjected to marketing calls, junk mail, and spam and are very concerned about fraud and identity theft, we recognize the seriousness of our responsibility to help maintain the privacy and security of your personal information. As a result, we have adopted privacy and security practices that go beyond minimum legal requirements in order to give you greater comfort. We invite you to compare what we do with any other lender that you are presently using or considering.

Recognize and prevent scams
We take your security seriously. Protect yourself from fraudsters who reach out to you pretending to be LightStream. Always confirm the caller is from LightStream before sharing personal information.

We are a Norton Secure Site:


For Nevada residents only, Nevada law requires that we also provide you with the following contact information:

Bureau of Consumer Protection, Office of the Nevada Attorney General
555 E. Washington St., Suite 3900
Las Vegas, NV 89101
Phone: 702.486.3132
Email: BCPINFO@ag.state.nv.us

We may modify this privacy and security policy from time to time. We will post such changes to this page and update the last revised date. If the changes to the policy are significant, we will provide a more prominent notice including, possibly, an email notification to you.

Privacy Policy

Rev. 02/2022

Why? Financial companies choose how they share your personal information. Federal law gives consumers the right to limit some but not all sharing. Federal law also requires us to tell you how we collect, share, and protect your personal information. Please read this notice carefully to understand what we do.
What? The types of personal information we collect and share depend on the product or service you have with us. This information can include:
  • Social Security number and income
  • account balances and payment history
  • credit history and credit scores
How? All financial companies need to share customers' information to run their everyday business—to process transactions, maintain customer accounts, and report to credit bureaus. In the section below, we list the reasons financial companies can share their customers' personal information; the reasons LightStream chooses to share; and whether you can limit this sharing.
Reason we can share your personal information Does LightStream share? Can you limit this sharing?
For our everyday business purposes—
such as process your transactions, maintain your account(s), respond to court orders and legal investigations, or report to credit bureaus
Yes No
For our marketing purposes—
to offer our products and services to you
Yes Yes (See below)
For joint marketing with other financial companies No We don't share
For our affiliates' everyday business purposes—
information about your transactions and experiences
Yes No
For our affiliates' everyday business purposes—
information about your creditworthiness
Yes Yes (See below)
For our affiliates to market to you Yes Yes (See below)
For nonaffiliates to market to you No We don't share
To limit our
  • LightStream customers, please go to Preferences in the customer service section of the LightStream web site to change your preferences to limit our sharing.
  • You may also email LightStream at privacy@lightstream.com
If you are a new customer, we can begin sharing information 30 days from the date you receive this notice. When you are no longer our customer, we may continue to share your information as described in this notice. However, you can contact us at any time to limit our sharing and to restrict telemarketing, direct marketing postal mail and email solicitations.
Who we are
Who is providing this notice? LightStream, and its affiliates.
What we do
How does LightStream protect my personal information? To protect your personal information from unauthorized access and use, we use security measures that comply with federal law. These measures include computer safeguards and secured files and buildings.

Our employees are bound by our Code of Ethics and policies to access consumer information only for legitimate business purposes and to keep information about you confidential.
How does LightStream collect my personal information? We collect your personal information, for example, when you
  • open an account or deposit money
  • pay your bills or apply for a loan
  • use your credit or debit card
We also collect your personal information from others, such as credit bureaus, affiliates, or other companies.
Why can't I limit all sharing? Federal law gives you the right to limit sharing only for
  • affiliates' everyday business purposes—information about your creditworthiness
  • affiliates to market to you
  • nonaffiliates to market to you
State laws and individual companies may give you additional rights to limit sharing.
What happens when I limit sharing for an account I hold jointly with someone else? Your choices will apply to everyone on your account—unless you tell us otherwise
Affiliates Companies related by common ownership or control. They can be financial and nonfinancial companies. LightStream is a division of Truist Bank.
  • Our affiliates include companies with Truist, SunTrust, BB&T, or Sterling Capital in their name, GenSpring Holdings, Inc., Regional Acceptance Corporation, McGriff Insurance Services, Inc., MBT, Ltd., and GFO Advisory Services, LLC.
Nonaffiliates Companies not related by common ownership or control. They can be financial and nonfinancial companies.
  • LightStream does not share information with nonaffiliates so they can market to you.
Joint marketing A formal agreement between nonaffiliated financial companies that together market financial products or services to you.
  • LightStream does not have any joint marketing partners.
Other important information
State and Local Regulations: If, in addition to federal law, you are protected by specific state or local rules concerning information sharing and marketing, Truist will fully comply with these regulations as well. Under Vermont and California law, we will not share information we collect about you with companies outside of Truist Bank, unless the law allows. Nevada State law requires that we provide residents with the following contact information: Bureau of Consumer Protection, Office of the Nevada Attorney General, 555 E. Washington Street, Suite 3900, Las Vegas, NV 89101; Phone: 702.486.3132; Email: BCPINFO@ag.state.nv.us.
Use of Third Parties: We have arrangements with companies whose experience is essential for our own services to operate properly. These companies, some of which may be located outside the United States, work at LightStream's direction, only receive the information necessary to perform these functions, and adhere to LightStream’s data security guidelines.
Important Notice about Credit Reporting: We may report information about your account(s) to credit bureaus. Late payments, missed payments, or other defaults on your account(s) may be reflected in your credit report.
Do Not Call Policy. This notice is LightStream’s Do Not Call Policy under the Telephone Consumer Protection Act. LightStream abides by all federal and state regulations on telephone usage, maintains an internal Do Not Call list and makes no telemarketing calls to numbers on this list. All Do Not Call requests are implemented within 30 days and the selection is permanent - unless you elect to remove your number from the list.
Online Privacy Practices 562 16 Online Privacy Practices

Updated March 2022

LightStream has a longstanding commitment to protecting the confidentiality and security of our clients' personal information. We believe it is helpful to have an overview of how this commitment is applied as LightStream collects, uses, and protects your personal information when you visit us online.

For California residents, the California law requires that we provide consumers with advance notice of the types of personal information we collect from consumers, our intended use of such information, and a description of your privacy rights under California law. This includes rights to request disclosure of the types of personal information we have collected on you and your right to request that we delete certain information we have collected from you. Please click here for further information on your specific consumer privacy rights.

What information do we collect?

When you visit the LightStream website, application or otherwise interact with us online, we may collect the below information:

  • Your browser type
  • Your IP address (Your IP address is a number that is automatically assigned to your device by your Internet Service Provider. An IP address is identified and logged automatically whenever you visit a site, along with the time of the visit and the page(s) that were visited.)
  • The presence of any software on your device that may be necessary to view our site
  • Information about the device you are using
  • Personal information submitted on applications, forms, and electronic messaging. Personal information includes:
    • Name
    • Social Security Number
    • Address
    • Email
    • Telephone number
    • Account numbers
    • Usernames
    • Passwords
    • Other non-public information
  • Website analytics information such as pages visited and average time spent on a particular page
    • If you would prefer that your movements and actions online at lightstream.com not be monitored, you can opt-out of tracking.
      • NOTE: It is necessary to install a cookie on your browser to identify that you have opted-out. If you delete the opt-out cookie, or change devices or web browsers, you will need to opt-out again.
  • Search engine traffic referral information
  • Responses to advertisements and promotions

How do we use the information we collect?

The information we collect online helps LightStream to:

  • Analyze our site usage and enhance the user's experience:
    • Diagnose server problems
    • Alert users of any possible software compatibility issues
    • Help us make decisions about how various technologies are used and identify usage trends
  • Send marketing communications:
    • Present personalized offers, ads, or content we believe may be of interest to you
    • Determine the effectiveness of promotional campaigns
  • Make business decisions:
    • Analyze data
    • Perform market research
    • Conduct audits
    • Develop and improve products and services
  • Effectively manage your account:
    • Ensure your identity and protect the security of your personal and account information from unauthorized access
    • Process transactions on your account
    • Respond to product applications and questions
    • Fulfill regulatory requirements

Technologies we use

LightStream and its online advertising and marketing partners may employ various technologies to collect information, including:

  • Cookies: Cookies are pieces of information stored directly on your device. Cookies provide information that is used for security purposes, to facilitate navigation, to display information more effectively and to personalize/customize your online experience.
  • Pixel tags, web beacons, clear GIFs or other technologies: This technology may be placed on certain pages of our website, applications, emails and other marketing initiatives. These tags usually work in conjunction with cookies, and allow us to measure the effectiveness of our site and compile statistics about usage and response rates.
  • Firewalls, passcodes, data encryption and other safety features: LightStream uses these technologies to ensure that the information you provide us remains secure. Learn more about how we safeguard your information online, and learn measures you can take to protect yourself.

Interacting with LightStream online

Online advertising on third-party websites and applications

LightStream advertises its products and services on websites and applications not affiliated with LightStream. The third-party companies we hire to display these ads use their own tracking technologies to measure the effectiveness of these ads and to understand your interest. Many of our third-party partners have their own privacy policies. We encourage you to review these policies carefully.

Some of our third-party advertising is interest-based and may use information about your online interests to customize the online ads you see. LightStream has adopted the use of the AdChoices Icon (also known as the Advertising Option Icon) for our interest-based advertising (excluding ads appearing on platforms that do not accept the icon). Anyone receiving an interest-based ad can click on the displayed icon to receive more information. The AdChoices Icon does not prevent you from receiving advertisements, but allows you to control whether you receive interest-based advertisements and from which companies. Visit the Digital Advertising Alliance website for more information about the AdChoices Icon and interest-based advertising.

Third-party aggregation services and tools

Aggregation allows you to gather information from many websites and view that information in a consolidated format. An example of why you might use a third-party aggregation tool is if you wanted a comprehensive view of assets and liabilities held within your financial accounts. If you provide information about your LightStream accounts (including your access information) to an aggregation service provider, we will consider that as your having authorized all transactions initiated by that aggregation site. LightStream reserves the right to disable aggregation for any account without notice. If you wish to cancel your third-party aggregation services you should also change your password at lightstream.com.

Social Media

LightStream provides experiences on social media platforms such as Facebook or Twitter that enable online sharing and collaboration. Any content you post, such as pictures, information, opinions, or any personal information that you make available to other participants on these social platforms, is subject to the terms of use and privacy policies of those platforms. Please refer to them to better understand your rights and obligations with regard to such content.

Given the very public nature of social media, it is critical that we all safeguard confidential financial information. If you post information on a LightStream site that we feel should be shielded from public view, we will remove it. This includes not only specific details about your LightStream accounts and other private, confidential information (such as your Social Security Number), but details of information relayed in private conversations between you and LightStream representatives. Please know that in taking down or editing your posts, we are focusing our experience and best judgment to keep your personal information safe.

Linking to other sites

LightStream may provide links to non-LightStream companies, such as credit bureaus or merchants, and will notify you when leaving the LightStream site. If you choose to link to websites not controlled by LightStream, we are not responsible for the privacy or security of these sites, including the accuracy, completeness, reliability or suitability of their information. If you are asked to provide information on one of these sites we urge you to carefully study their privacy policies before sharing.

Protecting your children

LightStream strictly follows the federal guidelines of the Children's Online Privacy Protection Act (COPPA) which gives parents control over what type of information is collected online about their children. We do not knowingly collect, maintain, or use personally identifiable information from children under age 13 on our websites. We are not responsible for the data collection and use practices of nonaffiliated third-parties that are linked from our websites. Visit the COPPA website for more information.

Control your online privacy preferences

In summary, the below links can help you to customize and control your privacy preferences when interacting with LightStream online:

  • Opting-out of website analytics tracking
    • If you would prefer that your movements and actions online at lightstream.com not be monitored, you can opt-out of tracking.
      • NOTE: It is necessary to install a cookie on your browser to identify that you have opted-out. If you delete the opt-out cookie, or change devices or web browsers, you will need to opt-out again.
    • If you are a current LightStream customer, you can control your marketing preferences for direct mail, email and telemarketing preferences, along with the sharing of your personal information via our Preferences form. You may also email LightStream at privacy@lightstream.com.

Online Privacy Practices updates

LightStream's Online Privacy Practices are subject to change, so please review them periodically. Any changes will become effective when we post the revised Practices on the site (please note the effective date listed at the top of this page). Your use of the site and applications following these changes means that you accept the revised Practices.

Our Security Practices

With regard to the security of your personal information, we employ a variety of electronic, physical, and procedural safeguards to protect your personal information including:

Encryption - We employ 128-bit Secure Sockets Layer (SSL) technology to encrypt your personal information when it is in transit between your web browser and our web server or vice versa. In addition, we also use advanced encryption when storing or backing up your personal information on our computers, substantially reducing the risk even in the event of loss or misuse of your personal information.

Software and Hardware Security - We employ stringent, up-to-date software and hardware solutions to minimize the risk that your encrypted, personal information could be hacked, lost, or stolen from our computer systems.

Physical Security - Your encrypted, personal information is located and stored in secure areas within our building and any offsite data processing facilities.

Access - Access to your personal information (either physically or online) is limited to you and our employees who have a "need to know" in order to perform their jobs and who have the appropriate authentications such as key cards, user IDs, and passwords. A user ID and password is required on the Sign In page on our web site for you to access and/or update your account information. Please remember to keep your user id and password secure. Also, if you prefer additional security, we offer our AccountLock feature which will prevent access to your account even with a valid user id and password. Access will only be granted after you request a pass code from us. We will then email you a randomly-generated, temporarily available pass code, allowing you one-time access to your account.

Training - We provide training to our employees regarding our security procedures.