12 CFR 573.1 - Purpose and scope.
(a) Purpose. This part governs the treatment of nonpublic personal information about consumers by the financial institutions listed in paragraph (b) of this section. This part:
(1) Requires a financial institution to provide notice to customers about its privacy policies and practices;
(2) Describes the conditions under which a financial institution may disclose nonpublic personal information about consumers to nonaffiliated third parties; and
(3) Provides a method for consumers to prevent a financial institution from disclosing that information to most nonaffiliated third parties by “opting out” of that disclosure, subject to the exceptions in §§ 573.13, 573.14, and 573.15.
(b) Scope. (1) This part applies only to nonpublic personal information about individuals who obtain financial products or services primarily for personal, family, or household purposes from the institutions listed below. This part does not apply to information about companies or about individuals who obtain financial products or services for business, commercial, or agricultural purposes. This part applies to savings associations whose deposits are insured by the Federal Deposit Insurance Corporation, and any subsidiaries of such savings associations, but not subsidiaries that are brokers, dealers, persons providing insurance, investment companies, or investment advisers. This part refers to these entities as “you.”
(2) Nothing in this part modifies, limits, or supersedes the standards governing individually identifiable health information promulgated by the Secretary of Health and Human Services under the authority of sections 262 and 264 of the Health Insurance Portability and Accountability Act of 1996 (42 U.S.C. 1320d-1320d-8).