To continue enjoying all the features of Navy Federal Online, please use a compatible browser. Confirm your browser capability.

  • Last Updated: November 19, 2025
  • Effective Date: November 19, 2025

Navy Federal Credit Union, together with its subsidiaries, affiliates and branches (collectively, “Navy Federal,” “we,” “us” or “our”) values your privacy and is committed to handling the information we collect about you responsibly and in accordance with applicable law.

This Navy Federal Online Privacy Policy (“Policy”) provides information for everyone about our online information practices. The Policy explains how we, or third parties on our behalf, collect information about you when you access or use our website or mobile applications (“our Sites”), interact with our digital advertisements, or communicate with us via email. The Policy describes the types of information we collect in these contexts; how we use, share and protect that information; and any privacy choices you may have with respect to the information.

Depending on how you interact with us online or where you reside, additional Navy Federal privacy policies may apply to you. For example, if you have obtained our products or services primarily for personal, family or household purposes (including as an applicant), Navy Federal’s Consumer Privacy Policy applies to information we collect about you in connection with those products or services, and if you are a current or former employee or contractor of Navy Federal, our Workplace Privacy Notice applies to information we collect about you in the context of your workplace relationship with us. In addition, Navy Federal’s California Consumer Privacy Act Disclosure and Notice at Collection applies to certain personal information we collect about California residents.

Even when this Policy or other Navy Federal privacy policies apply, you may also be subject to the privacy policies of a third party. For example, wireless service providers, internet service providers, email service providers and/or device manufacturers may have their own privacy policies for the information they may access in the contexts covered by this Policy. We encourage you to read their privacy notices carefully.

This Policy also provides details on contexts in which we interact with you online when this Policy does not apply. In these circumstances, you may be subject to the information practices of a third party. You should familiarize yourself with the third party’s privacy policies, terms of use and security practices before interacting with us or otherwise sharing your information in those contexts.

Please note that our Sites and digital advertisements are intended for a US audience and are not intended for children under 13. To the extent this Policy conflicts with other applicable law, applicable law governs. This Policy may be amended or updated from time to time to reflect changes in our practices or changes in applicable law. If we make changes to this Policy, we will revise the last updated date on this page. We encourage you to read this Policy carefully and to regularly check this page to review any changes we may make.

When Does This Policy Apply?

Our Sites

We interact with you on or through our Sites in a variety of ways depending on your relationship with us. For example, you may visit or use our Sites to learn about our products and services; sign up for membership; apply for a mortgage, automobile, or other loan; manage your Navy Federal checking, deposit, or credit card account; pay bills, transfer funds, or otherwise use our mobile or online banking tools; locate Navy Federal branches or ATMs; request customer support; complete a survey; or apply for a job at Navy Federal. This Policy applies to information we, or third parties acting on our behalf, collect about you when you interact with us on or through our Sites.

Our Digital Advertisements

We market our products and services to you through Navy Federal advertisements displayed on our Sites and on third-party websites and mobile applications (third-party sites) and through marketing emails we send you (collectively, our digital advertisements). This Policy applies to information that we, or a third party acting on our behalf, gather about you when you click on or open our digital advertisements. Please note that when you interact with our advertisements on a third-party site, you are also subject to the privacy policies of the site owner. We encourage you to review these policies carefully. For more information on our digital advertisements, please see “What Is Targeted Advertising?” below.

Emails

In addition to the marketing emails discussed above, we may send other emails to you, such as surveys and promotions, and you may communicate information to us by email. This Policy applies to information collected about you through these communications. Please note, however, that email transmitted across the internet is normally not protected and may be intercepted and viewed by others. Therefore, you should refrain from sending any confidential or private information via unsecured email. We'll never ask you to send confidential information to us via email, such as your login ID, password, full account numbers or Social Security number. If you have an account with us, you can sign in to mobile or online banking to send us a Secure Message. By communicating with us via email, you acknowledge and accept the inherent risks associated with unsecured electronic communication.

When Does This Policy Not Apply?

Social Media

Navy Federal provides experiences on social media platforms such as Facebook, Instagram, LinkedIn, Bluesky and X (formerly Twitter) that enable online sharing and collaboration. We use social media to facilitate social engagement and sharing, when such sharing is appropriate and safe. Your interactions with us on these sites, any content you post, such as pictures or opinions, or information about yourself that you otherwise make available to other participants on these social media platforms, is subject to the terms of use and privacy policies of those platforms. Please refer to them to better understand your rights and obligations with regard to your information. Given the very public nature of social media, it is critical that you not share information that could compromise the security of your Navy Federal accounts or make you vulnerable to identity theft. If you post information on a Navy Federal social media page that we determine poses such a privacy or security risk, we will remove it. This includes not only specific details about your Navy Federal accounts and other private, confidential information (such as your Social Security number), but details of information relayed in private conversations between you and Navy Federal representatives. Please know that by taking down or editing your posts, we are exercising our best judgment to keep your financial information safe.

Consumer-Authorized Third-Party Access

You may authorize a third-party company to access your Navy Federal mobile or online banking account in connection with products and services you request from them. These products and services include: account aggregation, which allows you to view information from financial accounts you have at different institutions in a consolidated format; budgeting and expense tracking; income verification; streamlining financial processes, such as applying for a loan or filing your tax returns; credit building; and money transfer and payment services, which link to your Navy Federal account to facilitate payments and money transfers.

This Policy does not apply to information you share with these third-party providers, and Navy Federal is not responsible for any use or disclosure of your information that results from the authorizations you provide to a third party in this context. You should familiarize yourself with the privacy and data security practices of a third party before granting them access to your account information. If you provide your Navy Federal user ID, password or other account access information to a third party, we will consider that you have authorized any transaction or action initiated by the third party’s use of the access information you provide. We reserve the right to disable third-party access for any account without notice. If you wish to revoke access you previously granted to a third party, you can do so for certain third parties through Navy Federal’s Security Center on our Sites. If you shared, or believe the third party may have obtained, your account access information, you must also change your Navy Federal password to ensure that the third party cannot continue to access your account. Even if you did not share account access information, we strongly encourage you to change your account password as an added precaution in the event you wish to revoke account access you previously granted.

Links to Third-Party Sites

We may provide links on our Sites to third-party sites. If you access such a link, we will notify you before you leave our Site. Other than in the contexts described above or where specifically indicated, this Policy does not apply to information about you that is collected via these third-party sites. Navy Federal is not responsible for the privacy or security of sites that are not controlled by us, including the accuracy, completeness, reliability or suitability of their information. When you access or use these third-party sites, you are subject to the privacy practices of these third parties. We urge you to carefully study these privacy policies before sharing information on these third-party sites. Please also note that when you access a third-party site via a link on our Sites or in our emails, the third party may collect information about the page you viewed prior to visiting, or the link you clicked to access, their site. This may allow the third party to know you visited our Sites or received an email from us. 

How Do We Collect Information Online?

We, or others on our behalf, may collect information about you under this Policy from the sources described below.

From You

Much of the information we collect about you online is provided to us directly by you, such as when you: pose or respond to questions on our Sites via live chat or virtual assistant; use the mobile or online banking services on our Sites; fill out forms, respond to surveys, or enter contests or promotions via our Sites; apply for work at Navy Federal through our Sites; post on our social media pages; or send emails or secure messages to us.

Please note that information you enter on our Sites may be collected by us even if you do not complete the communication or transaction. For example, if you initiate a Navy Federal member application, we, or others acting on our behalf, may collect your name, email address and telephone number as soon as you input that information online, even if you do not click the button to submit the application. Consistent with applicable law and any applicable Navy Federal privacy policy, this information may be used to follow up with you to complete the application or to advertise our products and services to you.

If you communicate any information relating to other people to us or our service providers, you represent that you have authority to disclose this information to us and to permit us to use the information in accordance with this Policy or any other applicable Navy Federal privacy policy.

Automatically Through Online Tracking Technologies

When you interact with us in the contexts covered by this Policy, we, or third-party companies or platforms acting on our behalf, may automatically collect certain information about you through a variety of online tools and technologies. These online tracking technologies may include:

  • Cookies. Cookies are small text files that websites store on your device to remember information about you. This information may include unique user IDs, language or region preferences, items in a shopping cart, website settings, and internet usage data. When you visit our website or interact with our online advertisements, cookies may be set and read by us (first-party) or by third-party companies and platforms that provide marketing and analytics services to us (third-party), who can then track your activity across any website that contains the same cookie. Our website uses 3 categories of cookies: essential cookies that are necessary for our website to function properly; analytics cookies that help us optimize the performance of our website and enhance your online experience by storing information about your preferences and how you interact with our site; and targeted-advertising cookies that store information about your online activity across multiple websites so that our advertising partners can deliver personalized advertisements to you. Most web browsers allow you to adjust your browser settings to decline certain cookies or to delete cookies stored on your device. Doing so, however, may degrade your experience on our website.
  • Web Beacons. Web beacons (also known as beacons, clear GIF, pixels or tags) are tiny, often invisible images or pieces of code that are located on webpages, online advertisements or electronic communications. When you access online content that contains a web beacon, it reports information about your online activity to the company that placed the beacon and allows the company to set and read cookies. We use beacons on our website, online advertisements and emails. These beacons are generally placed by and share your information with third-party companies and platforms that provide marketing and analytics services to us. This information allows them to determine how often you visit our website, the parts of our website you view, and whether you have interacted with one of our online advertisements or opened an email from us. By allowing information about your online activity to be linked with your unique user ID, web beacons and cookies can work together to create a profile of your browsing behavior across sites and sessions.
  • Software Development Kits and Mobile Advertising IDs. Our mobile applications may include third-party software development kits (SDKs) that allow us, or a third party acting on our behalf, to collect information about your mobile application activity. In addition, some mobile devices come with a resettable advertising ID (such as Apple’s IDFA and Google’s Advertising ID) that, like cookies and web beacons, allow us, or our third-party partners, to identify your mobile device over time for advertising purposes.
  • Local Shared Objects. Local shared objects, often referred to as "flash cookies", are similar to browser cookies, but they are specific to Adobe Flash applications and may not be managed in your browser in the same way as other cookies.
  • Server Logs. Server logs automatically record information and details about your online interactions with us. For example, server logs may record information about your visit to our Sites on a particular time and day.

In addition to the tracking technologies used on our Sites, third-party companies that provide marketing and analytics services to us may use these and other similar technologies on third-party sites in connection with the services they provide us. You should review the privacy policies of any third-party site you access to understand the tracking technologies these sites may use.

From Other Sources

This Policy covers only certain information we collect about you online as described above. We may combine the information we collect about you under this Policy with information we have about you from additional online and offline sources. These additional sources may include: phone calls with and letters from you; credit reporting agencies; third-party data sources for fraud prevention, identity verification, or marketing purposes; third parties you direct or authorize to share information with us; former employers and references in connection with job applications; and publicly available data sources. We will treat such combined information in accordance with this Policy and any other Navy Federal privacy policy applicable to that information, such as our Consumer Privacy Policy and our California Consumer Privacy Act Disclosure and Notice at Collection.

What Online Information Do We Collect?

Depending on how you interact with us under this Policy, we may collect various types of information about you. The information we or others on our behalf may collect through the online tracking technologies described above includes:

  • Internet Protocol (“IP”) Information: your IP address, which is a unique identifier for your device, and related information, such as your internet provider and general geographic location
  • Mobile Network Information: carrier name and phone number
  • Other Online Identifiers: unique identifiers (IDs) that allow us or others to recognize you or your device online, such as hashed email addresses, hashed phone numbers, hashed names, device IDs, user IDs, cookie IDs, and advertising IDs; hashed member data, such as emails, name, phone number
  • Brower Information: your browser type (e.g., Chrome, Firefox), version and configuration
  • Device Information: details about your computer, mobile phone or other electronic devices, including operating systems, display/screen resolution and other device settings
  • Online Activity Information: information about your activity on our Sites and third-party sites, such as what you search for, which pages you visit and when, the links you click, how often you visit and the time you spend on each page, and your navigation patterns
  • Referrer Data: information about how you search for our website and the URL for the website you visit before arriving at our website
  • Cookie Settings: information about your settings for accepting or blocking cookies
  • Geolocation Information: your general geographic location (e.g., city, state or country) and if you grant permission, your device’s latitude and longitude
  • Preferences: your language and notification preferences and other settings you’ve chosen
  • Marketing Data: information on which advertisements or other online content from us you view or interact with
  • Electronic Communications Information: whether electronic communications from us are opened and how you interact with these communications
  • Cross-Device/Browser Data: information about likely connections among different browsers and devices that you use, such as whether 2 devices are associated with you
  • Analytics Data: information about your browsing and application activities over time and across websites and applications

We may associate the above information with other information we have about you, including information that directly identifies you. We will treat this combined information in accordance with this Policy and any other applicable Navy Federal privacy policy.

Other information we, and others on our behalf, may collect under this Policy includes:

  • Contact or Identity Data, such as your name, mailing address, email address, phone number, date of birth, government-issued identifier (e.g., Social Security number, tax ID number, driver’s license or other government ID), citizenship, business contact and professional information, username and password, profile picture, and other information that directly identifies you
  • Account Data, such as account number, credit/debit card number, account history, account balances, loan details, vehicle or property information, information about beneficiaries and joint account holders, business-related information (e.g., business name, address, revenue and industry type), and other information related to your Navy Federal accounts, applications or prequalification inquiries
  • Transaction Data, such as credit/debit card purchases, payment or transaction history, transaction details when you transfer money to or from your Navy Federal accounts, third-party billing information or statements, and payment card details
  • Credit Report Information, such as your credit score, credit history and other information that we receive from credit reporting agencies
  • Demographic Data, such as gender, marital status, age, household size/composition, education information, income, occupation, veteran or military status, and employment status
  • Electronic Communications Content, such as the details or content of your communications with us via our Sites, such as when you use live chat or virtual assistant, fill out forms or surveys, or enter contests or promotions
  • Employment Application Data, such as professional, employment-related and education history if you inquire about or apply for a job with us via our Sites
  • Inferences about you drawn from the above information and association of that information with other information we may have about you

How Do We Use Your Online Information?

We use the information we collect about you under this Policy for various purposes depending on how you interact with us. For example, consistent with applicable law, we may use this information for the following purposes:

  • Providing our products and services to you
  • Maintaining our Sites, including debugging, security, fraud prevention and session management
  • Reviewing and processing your applications for our services and transactions with us
  • Verifying your identity
  • Maintaining and servicing your accounts
  • Responding to your requests and communicating with you
  • Managing your preferences and personalizing your experience on our Sites
  • Conducing analytics and research concerning your use of our Sites and the effectiveness of our advertising campaigns
  • Delivering and tailoring our digital advertisements to you based on inferences about your interests and preferences inferred from your browsing behavior across the internet over time
  • Developing new products and services, improving existing products and services, and enhancing your experience when you use our Sites
  • Assessing and ensuring the health and safety of ourselves, our members, our workforce and third parties
  • Protecting the physical security and safety of our premises and the electronic security of our systems
  • Complying with our legal obligations, relevant industry standards, contractual obligations and our policies
  • Establishing, exercising and defending our legal rights
  • Detecting, preventing, investigating, and addressing actual or potential fraud or other illegal activities or breaches of policy
  • Performing audits
  • Processing applications to work for us
  • Carrying out purposes described to you prior to or at the time the information is collected
  • Creating aggregated and de-identified information, which can then be used for any lawful purpose
  • Otherwise operating, managing and maintaining our business, such as analyzing credit risk, resolving complaints and disputes, and conducting institutional risk control, credit reporting, compliance and human resource activities.

To Whom Do We Disclose Your Online Information?

We disclose the information we collect about you under this Policy in a variety of contexts consistent with applicable law. For example, we may disclose this information to:

  • You
  • Our affiliates
  • Our business partners to bring you co-branded services, products or programs that you have requested
  • Service providers who provide services on our behalf and help us run our business, subject to binding contractual obligations not to disclose or use the information other than to carry out the purposes for which we disclosed it
  • Credit reporting agencies to report on your financial history and for other lawful purposes
  • Relevant government entities or any other relevant third party if we believe that disclosure of the information is necessary to:

(i) respond to the demands of an applicable subpoena, warrant, court order, summons, or other legal process or in connection with a supervisory examination, civil investigative demand, or other law enforcement inquiry or governmental request

(ii) detect, prevent, investigate or address actual or potential fraud or other illegal activity

(iii) establish, enforce or defend our legal rights, including to verify and enforce our terms and conditions and collect past-due accounts

(iv) protect the rights, property, safety or security of ourselves, our workforce, our customers or third parties

(v) otherwise comply with applicable law

  • Any relevant third-party acquirer(s), in the event that we sell or transfer all or any relevant portion of our business or assets (including in the event of a reorganization, dissolution or liquidation)
  • Any relevant third party to service or process a product or service requested by you
  • Other third parties with your consent or at your direction, such as when you use a third-party service to help manage your financial information across various financial institutions

In particular, we may disclose the information collected through the online tracking technologies described above, as well as hashed contact data, such as your name, email and phone number, to:

  • Analytics companies and platforms who help us collect, process and analyze your online activity data to improve decision-making and personalize customer experience
  • Marketing companies and platforms who help us track and use your online activity data to target our digital advertisements to you based on your interests or preferences inferred from that information and cross-contextual data they have about you

In addition, consistent with applicable law, we may disclose to any relevant third party:

  • Information that does not identify, relate to or describe you and that cannot reasonably be associated with or linked to you, including de-identified, aggregated and anonymous information
  • Publicly available information

Our Consumer Privacy Policy provides additional information about how we share information we obtain when offering financial products and services for personal, family or household use.

Where appropriate, we will limit sharing of your information in accordance with the choices you have provided us.

Do We Sell Your Online Information?

We do not sell your information for monetary consideration.

How Do We Protect Your Online Information?

We use reasonable physical, electronic and procedural safeguards that comply with legal and regulatory standards to protect and limit access to the information we collect about you. This includes device safeguards and secured files and buildings.

Please note that information you send to us electronically may not be secure when it is transmitted to us. We recommend that you do not use unsecure channels to communicate sensitive or confidential information (such as your tax identification number) to us.

While we take caution and make reasonable efforts to protect your online information when it is maintained by us or our service providers, no method of data storage is completely secure. In the event of a security incident that results in exposure of your online information, we will notify you in accordance with applicable law.

For information about you that is de-identified or aggregated, we implement reasonable safeguards to prohibit re-identification or re-aggregation, as applicable. With respect to de-identified information, we commit to maintain and use the information in de-identified form and not to attempt to re-identify the information, other than for the sole purpose of determining whether the de-identification process satisfies requirements under applicable law.

How to Correct or Update Your Online Information

It is important that we have accurate and up-to-date information about you. If you notice that your information is incomplete, inaccurate or out of date, you can request to update your information by accessing your profile on our Sites or by contacting us at 1-888-842-6328. You may also write to us at Navy Federal Credit Union, PO Box 3002, Merrifield, VA 22116-9887.

How Do We Handle Children’s Privacy?

We recognize the importance of protecting privacy where children are involved. Our Sites and digital advertisements are not designed for use by, and we do not knowingly collect information from individuals under 13. Accounts for minors must be jointly owned by an adult over 18. Mobile and online banking is available only to individuals 14 years and older. For other minor accounts, only a joint co-owner over 18 can access mobile and online banking.

What Is Targeted Advertising?

You will see targeted advertisements for our products and services on our Sites and on third-party sites. Which advertisements you see is often determined using the information we or our service providers have about you, including information about your relationships with us (e.g., types of accounts held, transactional information, location of banking activity). To that end, where permitted by applicable law, we may share with our marketing service providers the information we collect from and about you as stated in this Policy.

Targeted advertising (also known as online behavioral advertising or interest- or preference-based advertising) refers to the practice of collecting information from a computer or device regarding a visitor’s web-browsing activities across non-affiliated websites over time in order to deliver advertisements that may be of interest to that visitor based on their browsing history. Through targeted advertising, we hope to deliver Navy Federal advertisements that are most likely to be of interest to you using information about your web-browsing activities (e.g., the webpages you visit, search terms you enter and the way you move through our online services on your computer or device) or your personal profile (e.g., demographic or location information). As discussed above, our marketing service providers may use cookies and related tracking technologies, such as the web beacons, on our Sites and digital advertisements to support these targeted advertising efforts.

What Choices Do You Have?

Unsubscribe From Our Marketing Emails

You can opt out of receiving our marketing emails from us through the instructions on our marketing emails. Please note that you may receive marketing emails from Navy Federal up to 10 business days after submitting your request. If you opt out of receiving marketing emails, we may still send you emails about your account or for other non-marketing purposes.

Managing Cookies on Your Device

You may be able to set your web browser to tell you when cookies are set, delete your cookies or block cookies altogether. Please check your browser’s settings or support pages to learn how to manage cookies on your browser or device. Your decision not to accept cookies could limit access to some of the services and features on our Sites. For example, we may not recognize your device, and, if you are a mobile or online banking customer, you may need to answer challenge questions each time you log on.

California Residents

If you are a California resident, please refer to Navy Federal’s California Consumer Privacy Act Disclosure and Notice at Collection for additional information about your rights under the California Consumer Privacy Act of 2018.

Policy Updates

We may change this Policy from time to time. Changes may be made for any number of reasons, including to reflect industry initiatives, changes in the law and changes to the scope of the Sites, among other reasons. When we make updates, we will let you know by appropriate means, such as by posting the revised Policy on this page with a new “Last Updated” date. Any changes to this Policy will become effective when posted unless otherwise stated.