Can I collect financial information from participants in Pennsylvania? What are the requirements?

Based on the documents provided, there are certain requirements for collecting financial information from participants in Pennsylvania.

Collection of Nonpublic Personal Financial Information

Licensees who collect nonpublic personal financial information from consumers in Pennsylvania are required to provide initial, annual, and revised privacy notices that include specific information ^[5.1]. The privacy notices must include the categories of nonpublic personal financial information that the licensee collects, the categories of nonpublic personal financial information that the licensee discloses, and the categories of affiliates and nonaffiliated third parties to whom the licensee discloses nonpublic personal financial information ^[5.1].

Exceptions to Notice and Opt-Out Requirements

There are exceptions to the notice and opt-out requirements for disclosure of nonpublic personal financial information ^[1.1][1.2]. For example, licensees do not need to provide initial notice to consumers or offer an opt-out option when disclosing nonpublic personal financial information with the consent or at the direction of the consumer, to protect the confidentiality or security of a licensee’s records, to protect against or prevent fraud or unauthorized transactions, or to comply with federal, state, or local laws ^[1.1]. Licensees may also disclose nonpublic personal financial information to a nonaffiliated third party to perform services for the licensee or functions on the licensee’s behalf, if the licensee meets certain conditions ^[1.2].

Limits on Redisclosure and Reuse of Nonpublic Personal Financial Information

If a licensee receives nonpublic personal financial information from a nonaffiliated financial institution under an exception, the licensee’s disclosure and use of that information is limited ^[2.1]. The licensee may disclose the information to the affiliates of the financial institution from which the licensee received the information, to its affiliates, or to any other person if the disclosure would be lawful if made directly to that person by the financial institution from which the licensee received the information ^[2.1].

Based on the documents provided, if you are collecting nonpublic personal financial information, you must provide privacy notices that include specific information. Additionally, there are exceptions to the notice and opt-out requirements for disclosure of nonpublic personal financial information, including disclosure to a nonaffiliated third party to perform services for the licensee or functions on the licensee’s behalf, if certain conditions are met. If you receive nonpublic personal financial information from a nonaffiliated financial institution under an exception, your disclosure and use of that information is limited.

Source(s):

• [1.1] Other exceptions to notice and opt out requirements for disclosure of nonpublic personal financial information.
• [1.2] Exception to opt out requirements for disclosure of nonpublic personal financial information for service providers and joint marketing.
• [2.1] Limits on redisclosure and reuse of nonpublic personal financial information.
• [5.1] Information to be included in privacy notices.

Jurisdiction

Pennsylvania

• Privacy