A Regulation S-P Notice

A financial institution's privacy policy must contain at least seven elements according to Regulation S-P. It must be written in plain English. The specific information listed below must be clearly and conspicuously disclosed:

• Privacy policy and practices: A clear and conspicuous notice describing the institution's privacy policies and practices.
• Account relationship status: Information about the customer's account relationship status and how to contact the institution for inquiries.
• Information collected: The types of nonpublic personal information the institution collects about its customers.
• "Opt-out" notice: A clear and conspicuous notice of the customer's right to opt out of certain disclosures and the methods for doing so.
• Exceptions to opt-out: An explanation of any exceptions to the opt-out rights, such as for joint marketing or service providers.
• Categories of third parties: A description of the categories of nonaffiliated third parties to whom the institution may disclose nonpublic personal information.
• Information shared with third parties: A description of the institution's policies and practices regarding the disclosure of nonpublic personal information to third parties, including any limitations or exceptions.

The Reg S-P notice must be delivered at account opening and annually.