T-Mobile
PRIVACY NOTICE
Effective: June 1, 2023
Overview
You, as consumers, trust
What’s in this notice
This privacy notice (“notice") explains how
This notice applies to personal data we have about you that identifies, relates to, describes, can be associated with, or could reasonably identify you as an individual. It includes data like your name, address, or email address, as well as less obvious data like demographic data, device and usage data, call records, advertising ID, and location data (where you are located). This notice also applies to sensitive personal data, a category of personal data that includes things like your social security number and account log-in credentials, as well as biometric information.
This notice applies to all personal data we collect and use when you access or use our cell and data services, websites, apps, and other services (our “services”), purchase and use our devices and products (“products”), visit our retail stores or corporate offices, or communicate or interact with us in any way, including mail, email, phone, chat, social media, or in-person.
Some products and services have their own privacy notice. To see the whole list, visit our Privacy Notices. If this notice conflicts with a privacy notice for a specific product or service, the product or service notice applies.
This notice does not apply to data that is not personal, like anonymous, de-identified, or aggregated data, even if it comes from personal data.
This notice does not cover:
- Job applicants. To learn more about personal data we collect and use when you apply for a job with us in the U.S., or for our recruiting purposes, please see our
T-Mobile Applicant Privacy Notice.
T-Mobile employees or contractors. To learn more about personal data we collect and use from our employees and contractors, please see ourT-Mobile Employee and Contractor Privacy Notice.
- People working with
T-Mobile in a business context, such as vendors orT-Mobile for Business customers. To learn more about the personal data we collect and use from people working withT-Mobile in a business context, please see our B2B Privacy Notice. - Data that a parent or guardian has told us is from a child under 16. Parents and guardians can learn more about what we do (and don’t do) when it comes to children’s data by reviewing our Children’s Privacy Notice.
How we collect your personal data
We collect personal data about you in four primary ways:
- Directly from you, like when you create an account with
T-Mobile . - Automatically from your use of our products and services, like data associated with using our network.
- From other sources, like information from financial institutions and credit agencies.
- By using or combining data to infer insights about you, like using a particular app on your phone to infer that you like sports.
What data we collect
Personal data you provide directly to us
- Contact and account information, like your name, usernames, passwords, address, telephone number, email address, and household members.
- Authentication and security information like your government identification, Social Security number, security codes, and signature.
- Demographic information, like your age, gender, veteran status, and date of birth.
- Payment information, like your credit card, debit card, and bank account number (see the
T-Mobile Financial Privacy Notice and Sprint Financial Privacy Notice for more information). - Preference information, including preferences related to marketing, advertising, communications, and participation in
T-Mobile programs. - Sensitive personal data, as defined above.
- Other information you choose to provide, like when you submit a survey response, enter a contest or promotion, or contact us.
Personal data we collect automatically
Customer Proprietary Network Information (CPNI)
CPNI is generated by your use of our wireless voice communications services. For more information, read the Phone privacy article.
Unique identifiers
Like cookie IDs, device IDs including mobile advertising IDs, Internet Protocol (IP) address, and media access control (MAC) address collected through tracking technologies like web beacons, pixels, and other tracking technologies. To learn more, read our Cookies and tracking article.
Information from your use of our products, services, and network (and other carriers’ networks when roaming domestically or internationally)
This includes your usage of connecting carriers and Internet service providers, IP address, text messages, and data use history, websites and URLs visited, content interactions (e.g., how long you use an app), viewing info from our streaming services (e.g., videos you watch on the
Device and service performance and diagnostic information
Including reports from your device about signal strength, speeds, app and service performance, dropped calls, call and data failures, geolocation information, and device data like battery strength and serial number and similar device identifiers, settings, language preferences, and software versions, including your browser type and operating system version, the website that referred you to one of our websites, or that you visit upon leaving our websites.
Commercial information
Including records of your purchases from us and purchase tendencies.
Geolocation data
Specifically, data that identifies the approximate or precise location of your mobile device or provision of services. We may also use location technologies to collect data about the presence of your device.
Biometric data
Including biometric identifiers for authentication and fraud prevention. For more information, see the Biometric Information Privacy Notice.
Video data
Like images from video monitoring and recordings of people in our retail stores.
Audio information
Including voice commands you provide to our apps (for example, for accessibility or hands-free use), and audio recordings of calls between you and our customer service representatives.
Personal data we collect from other sources
We may collect personal data about you from other sources. For example, we may obtain updated address information from our shippers like the United States Postal Service. In addition, we may collect information from financial institutions and credit reporting agencies when you, for example, finance a device and, in those instances, we’ll disclose the nature of our collection and obtain your consent when required. We may also buy or get personal data from other third parties, like social media platforms, analytics providers, and consumer data resellers. This information could include contact information, demographic information, geolocation information, and information about your interests, preferences, or behaviors. We use this data for things like product and service improvement, marketing, and advertising.
Personal data we infer
We may learn about your preferences or characteristics based on other personal data we collect. For example, we may infer that you are looking to purchase a new device based on your browsing activity while using our services, and we may use your IP address to estimate your general location. We may also use this information for advertising purposes.
How we use your data
We use your personal data for a lot of reasons, such as:
- Create and administer accounts, complete transactions, payments, billing, and requests related to our products and services and third-party products and services that you charge to your accounts.
- Provide, develop, customize, and personalize products and services, respond to your inquiries, conduct surveys, and perform our contractual obligations.
- Advertise and market products and services from
T-Mobile and other companies to you, including through targeted advertising and communications about promotions and events, contents, and sweepstakes. - Conduct research and create reports from analysis of usage patterns and trends and to deidentify or aggregate personal data to create business and market analysis and reports.
- Detect and help protect against security incidents and illegal, fraudulent, or unauthorized activities; investigate suspicious traffic, cybersecurity threats or vulnerabilities, complaints, and claims; authenticate your credentials for account access and information and provide other security protections.
- Protect you and others from fraudulent, malicious, deceptive, abusive, or unlawful activities.
- Debug and repair errors and help maintain and improve the quality and safety of our products and services.
- Verify your identity and determine your eligibility for accounts, discounts, and specific rate plans, as well as the validity of your payment information.
- Facilitate or verify the appropriate calculation of taxes, fees, or other obligations due to local, state, or federal government requirements.
- Cooperate with law enforcement and protect the rights, interests, safety, or property of
T-Mobile and others. - Comply with, defend, pursue, and enforce applicable legal and regulatory obligations and respond to governmental requests.
- Enforce our policies, terms and conditions, or other agreements.
When we disclose your personal data
We may disclose your personal data with others as follows:
With your consent or at your direction
We may disclose your personal data to third parties with your consent, which we may get in writing, online, or orally. We may also share your personal data with third parties when you tell us to or when you use our products or services to interact with third parties, whose separate privacy notices may apply to that data.
With the account holder
We may disclose personal data about an account user to the account holder (the party financially responsible for the account). The primary account holder may also authorize other users to access account information. If a business, governmental agency, or other individual obtains services for you, that entity or individual is our customer, and we may provide personal data about you or your use of our products and services to them or, if they tell us to, others.
Between
To provide benefits
When you receive discounted pricing or other benefits through someone else’s agreement with us (for example, an employee discount), we may disclose personal data to that person or entity to verify your eligibility for benefits, to calculate any discounts, and to deliver the discount or benefit to you.
To our service providers
We use service providers who may need access to your personal data to do work for us. They’re contractually required to treat your personal data as private (confidential) and to use it only to provide the services we requested. Examples of the service providers we use include print, mail, or email vendors, web hosting vendors, and cloud service providers.
To other third parties
We disclose personal data to third parties for uses described in this notice or for purposes you have requested. For example, we may share data with credit bureaus and similarly regulated entities, banks for device financing, and payment processors to help us provide you with the services you have requested. If you interact with third parties, like content providers who operate video channels or apps through our products and services, we may facilitate the transfer of your personal data for those services. We may also share mobile device identifiers, device and service usage data, and demographics information with third-party advertising partners who may use data to serve ads for
For identity verification and fraud prevention services
To help protect our customers and others from fraudulent use of our network or services, we share personal data (like name, address, account status, SIM change history, and device status) or risk scores derived from such data with entities such as banks or with entities that provide fraud prevention services to
Caller ID providers
We may disclose your mobile number and name with third parties to enable Caller ID and similar services across multiple carriers when you make a call. We don’t publish directories of our customers’ wireless numbers or make numbers available to third parties for listing in their public directories without your permission. You can ask us to exclude your name from Caller ID by calling customer service. You can also block your number from being displayed temporarily on non-emergency calls. Learn how to block your number.
In a business transfer or transaction
We may disclose or transfer personal data about you as part of a corporate business transaction, like a merger or acquisition, divestiture, sale of company assets, or in the event of insolvency, bankruptcy, or receivership. In these cases, personal data could be transferred to third parties as a business asset. We may also disclose personal data to banks and similar entities for the purpose of transferring device financing agreements (or similar agreements) in connection with your device financing.
For legal process and protection
We may disclose personal data to third parties, including government authorities, for legal processes or protection of life and safety where we believe that access, use, preservation, or disclosure of the information is reasonably necessary, including:
- To comply with laws, regulations, legal process or to respond to lawful requests
- To enforce or apply agreements, or initiate, render, bill, and collect for products and services (including disclosure to collection agencies to obtain payment)
- To protect the rights, interests, property, or safety of
T-Mobile , our customers, and others - In connection with claims, disputes, or litigation
- To protect you or others from fraudulent, abusive, or unlawful use of these services, and other fraudulent activity
- In an emergency
How we protect your data
We use administrative, technical, contractual, and physical safeguards designed to protect your data. For example, when you contact us by phone or visit us in our stores, we have procedures in place to make sure that only the primary account holder or authorized users have access.
We can’t guarantee our safeguards will prevent every unauthorized attempt to access, use, or disclose personal data. Be sure to use a strong password to access your information and not one you use for other services. You should also use multi-factor authentication where possible.
Your data choices
We offer consumers in the U.S., Puerto Rico, and the U.S. Virgin Islands choices about their personal data, but your choices may vary depending on the laws that apply where you reside and whether you have a business-to-business account (
Access
To access your personal data, submit a personal data request. Once we receive your request and confirm your identity, we will disclose to you:
- The categories of personal data we have collected
- Specific pieces of personal data we have collected
- Our business or commercial purposes for collecting, selling, or sharing personal data
- The sources from which we collect personal data
- The types of third parties we disclose personal data to
- The types of personal data we disclose for business purposes
For multi-line accounts, the Billing Responsible Party or Primary Account Holder submitting an access request will receive account-level data for all lines on the account such as billing and rate plan information. But personal data associated with a particular phone number on the account (data that is tied to the account but is not the data of the Billing Responsible Party or Primary Account Holder) won’t be shared with the Billing Responsible Party or Primary Account Holder and will only be provided to the individual who submits a request for that phone number. If you are not the Billing Responsible Party or Primary Account Holder on the account, you’ll only see information that is associated to your phone number and email that you include in your “Access my personal data” request.
Delete
To delete your personal data, submit a personal data request. If you do, we may not delete all your data because certain exceptions may apply. For example, we may keep personal data that is necessary to bill you for services, detect security problems, or troubleshoot or enhance our network. If you request that we delete your personal data, we might not be able to offer some services to you or they might not work the way they’re supposed to or that you’re used to.
Correct
If you have a
Authorized Agents
Authorized Agents may act on your behalf by submitting an access, correction, or deletion request. To protect your information, we may request that you verify your own identity before fulfilling a request submitted by your agent.
Verification of your identity
We have to verify your identity before we can give you access to, or delete, your personal data. If we can’t verify your identity, we’ll unfortunately have to deny your request. This is to protect you.
To verify your identity, we’ll need information from you, like your email address and phone number or your
Appeal
If we deny your request, residents of certain states are entitled to submit an appeal. Instructions for how to submit your appeal will be included in our response explaining why we denied your request.
If you have questions about these choices, please read our privacy FAQs.
Do Not Sell or Share
To tell
To learn more, read the Do Not Sell or Share My Personal Information article.
Marketing communications
If you don’t want to learn about products and services we or our partners offer, you can adjust your marketing communications preferences in our Privacy Dashboard. Not all of our communications are for marketing, and you’ll continue to receive service messages for your products and services (like bills, transactional notices, customer service, etc.). To learn more, read the Your marketing preferences article.
Advertising and analytics choices
Under
Analytics and Reporting
For Analytics and Reporting, our program is designed to use information from your device (i.e., app usage data like app name, installation status, how often an app was opened and zip code) and data from your use of
Relevant Ads
For Relevant Ads,
We do not use app usage data to select advertisements, we only use your mobile advertising ID (MAID) and the models and inferences created from the app usage data. We and our advertising partners will use your MAID from your device and data from third party partners to deliver Relevant Ads to you. We will use this data unless you tell us not to by opting out.
When we share MAIDs and inferences with third parties, it is not tied to your name or information that directly identifies you.
Personalized Ads and Offers
In addition to the data used for Relevant Ads, with your consent, we and our service providers will use precise location and other self-declared data you provide to us such as age range (e.g., 35-54), gender, interests, and survey responses from your device and top-level domain information about your web browsing activity from your broadband data to provide you with more Personalized Ads and Offers. To illustrate, we process the top-level name/URL of the website you visited, such as a major retail website, but we do not look at what web pages within that site you visited (e.g., clothes or toasters). We won’t use this data unless you opt-in and we’ll stop using it if you opt-out.
We don’t use or share Customer Proprietary Network Information (“CPNI”) for advertising unless you give us your express permission or as allowed by law to advertise certain
We also do not use information from
For more information about data we use and share for the Ad Program, visit our Privacy Dashboard. When you opt out of the sale or sharing of your personal information from our website footer or opt out using our Privacy Dashboard, your info will not be used for Relevant Ads unless you have provided your opt-in consent for Personalized Ads and Offers. To learn more about how your choices, visit our Privacy Dashboard.
Ads on your mobile device, computer, or other devices
You can get instructions on how to opt-out of targeted ads served by most advertising networks that use cookies, Ad IDs, and similar technology by:
- Visiting our Personalized Ads and Offers article.
- Visiting our Analytics and Reporting article.
You can also take steps to manage targeted ads through your system settings. Resetting your device’s mobile advertising ID does not opt-out your device from targeted ads, but data associated with your prior mobile advertising ID will not be linked to your new identifier through the device. Also, if you reset your device’s mobile advertising ID your prior opt-out choices will not apply to the new ID. To maintain your opt-out choices, you’ll need to opt-out again. These opt-outs will not impact “contextual” advertisements (e.g., a sporting goods advertisement on a sports-themed website) or ads we place on our own websites and apps based on your activity on those sites and apps.
Cookies choice
Most web browsers can be set to detect or reject cookies. Each browser is different, so check the “Help” menu of your browser settings to learn how to change your cookie preferences. If you reject cookies, some things on our websites may not work properly. To learn more about cookies, read our Cookies and tracking article.
Ads on social media
We may work with certain social media websites or platforms (such as Facebook or Twitter) to serve targeted ads to you as part of a customized social media campaign. You can opt-out of receiving customized ads on your social media platforms by changing your ad preferences on those platforms. We don’t control those platforms or your ad preference settings on them and recommend regularly visiting your ad preference settings to ensure they remain accurate.
Some opt-out mechanisms described in the Advertising choices section and the “Do Not Sell or Share My Personal Information” mechanism for
Location data choice
We collect your location data to provide you with our wireless services. For certain non-essential activities, such as advertising, we request your permission before using precise location data associated with your identifying information. We don’t use or disclose precise location data for advertising unless you give us your express permission. For more information, read our Cookies and tracking article. If you have previously consented to these uses, you may revoke that permission at any time through your device’s operating system location preference controls or, in some cases, the app settings. You may also follow the standard uninstall process to remove the app from your device.
Privacy requests received
As a part of
Privacy requests received
Requests to access | Requests to delete | Do Not Sell or Share requests | |
---|---|---|---|
Number received (total) | 2,079 | 1,113 | 20,070,000 |
Number received (CA) | 376 | 253 | Included in Total |
Number complied with in whole or in part | 1,832 | 1,113 | 20,070,000 |
Number denied | 247 | 0 | 0 |
Median number of days to respond to access request | 39 | 38 | 0 |
California residents
Under the California Consumer Privacy Act (CCPA), Consumers who are California residents have personal data rights, including the right to access, correct, delete, and stop the sale or sharing of personal data. Although the CCPA only provides these choices to California residents,
Of course, if you do exercise any of these rights,
Categories of personal data collected and disclosed
For business purposes in the preceding 12 months is described in What data we collect and When we share your data.
Business or commercial purpose for collecting personal data
This is described in How we use your data.
Categories of sources of personal data
This includes information you provide us, that we collect and infer when you use our products and services and provided or purchased from other sources. For more information, see How we collect your data.
Categories of third parties with whom we share personal data
This is described in When we share your data.
Shine the Light
Under the Shine the Light law, California customers may request information about whether a business has disclosed personal data (as defined in that law) to any third parties for their direct marketing purposes. We don’t do that without your permission.
Maine customers
We will not use, disclose, sell, or permit access to your personal broadband data unless it’s allowed in Maine. Maine customers have rights that they can exercise in our Privacy Dashboard.
Children’s data
We know it’s important to treat data parents and guardians tell us is from children under 16 and data from products and services we design for children carefully. The Children’s Privacy Notice explains what we do (and don’t do) when it comes to children’s data. Generally, if you allow a child to use our products or services by providing them with a device or other access associated with your account, any personal data associated with their use will be treated as your personal data. If you’re the parent or guardian of a child using a
This privacy notice and the Children’s Privacy Notice don’t apply to data collected by third party apps and websites, and we encourage parents to review the terms and policies of apps and websites before allowing children to use them. For more info, read the Family Controls and privacy article.
For specific information about kid products like SyncUP KIDS Watch and FamilyMode, please see the Children’s Privacy Notice.
Other important info
Advertising
You may see
Analytics
We may also partner with analytic service providers like Google Analytics to help track your use of our products and services. To learn more about how Google collects and processes personal data, visit Google Privacy & Terms. For additional details, see the Cookies and tracking article. To learn more, read the Your privacy around the web article. For more information on our ad program and your choices, go to the Advertising choices section.
Do Not Track
Do Not Track signals are a web browser setting or mechanism used to indicate that you do not want your online activity tracked. Because there is no universal standard of how to apply that setting, we currently do not honor them. However, we do honor Do Not Sell or Share requests.
Geolocation data
If your mobile device is turned on, our network is collecting data about where it is. We may use, provide access to, or disclose this network location data without additional, specific permission to provide and support our services. Examples include to:
- Route wireless communications
- Operate and improve our network and business
- Detect and prevent fraud
- Provide information to emergency responders about where to find you when you call public safety agencies, including through 911 or similar emergency services numbers
- Comply as required by law
Subject to your settings, we and others may also use geolocation data to provide location-based services (like SyncUP PETS), or to personalize your experience and ads. To learn more, see our Cookies and tracking article.
Internet of Things
We provide connectivity to Internet of Things, or IoT, devices and services offered by other companies. We collect basic information about the information flowing over our network. However, if you’re a customer of a
Data Retention
We retain your personal data for business or tax needs, or legal reasons. We set our retention periods based on things like the type of personal data, the business purpose for which it was collected, and legal obligations to retain certain kinds of personal data.
Technologies in retail stores
In some of our retail stores, beacons have been deployed and we receive aggregate reports (none of which identify any individual or device) from these stores regarding store traffic that uses information collected from beacons through mobile apps. We may also use technology that tracks aggregate traffic patterns and wait times in our stores using
Unaffiliated third parties
Our products and services provide links and access to others’ websites, content services, and apps, and allow you to share personal data with others and to use products and services that
For additional details, read our Your privacy around the web article.
U.S.-based organization
International data privacy
Future changes
We keep this privacy notice up to date. When we make changes, we’ll let you know by updating this notice and the date at the top of this page. In addition, prior to making a material change to how we use or share your data, we’ll also reach out to you (e.g., by text or email or with your bill). If you keep using our products and services after we notify you, we’ll take that to mean you’re fine with the changes for any new data we collect. Those changes will not apply to previously collected personal data unless we get consent from impacted consumers.
Contact us
If you have questions or comments, contact us:
- Email: Privacy@
T-Mobile .com - Call customer service toll-free by dialing:
T-Mobile : 1-800-937-8997 or 611- Metro by
T-Mobile : 1-888-8metro8 (1-888-863-8768) or 611 - Sprint: 1-888-211-4727 or 611
- Assurance Wireless: 1-866-482-2003