We’ve also added new language about Maine residents’ privacy rights under state law.
How We Collect Personal Data About You
We collect personal data about you in four primary ways: directly from you, automatically from your use of our Products and Services, from unaffiliated parties, and by using or combining data to derive additional personal data about you. The types of personal data we collect depend on your interactions with us and the nature of the Products or Services we provide to you.
Personal Data You Provide Directly to Us
We may collect personal data directly from you in a variety of ways, including when you apply, sign up, or pay for our Products or Services, create or modify an online account, fill out a form or survey, interact with our representatives, or submit information through our Services. The personal data we collect directly from you may include:
- Account information, such as your name, usernames, passwords and security codes, address, telephone number, email address, Social Security number, driver’s license information, or other government identification information, date of birth, or signature;
- Demographic information, such as your age, gender, veteran status, or other information you choose to provide;
- Preference information, including preferences related to marketing, advertising and communications and participation in T-Mobile programs; and
- Other information you choose to provide, such as when you submit a survey response, enter a contest or promotion, or contact our representatives.
Personal Data We Collect Automatically
- Customer Proprietary Network Information (“CPNI”) generated by your use of our wireless voice communications services. Please see the CPNI article for additional information;
- Usage information about your use of our Products, Services, and network (or other carriers’ networks when roaming domestically or internationally), including your usage of connecting carriers and Internet service providers, the Internet Protocol (“IP”) address, device IDs (such as mobile advertising ID, or media access control (“MAC”) address), text, and data use history, websites and URLs visited, mobile apps installed or used or that interact with your device, and other network analytics and Wi-Fi usage data;
- Device and service performance and diagnostic information, including reports from your device about signal strength, data speeds, app and service performance, dropped calls, data failures, geolocation information associated with such events, and device data such as battery strength, serial number and similar device identifiers, settings, language preferences, and software versions;
- Back-up information, including data stored in back-ups and cloud services if your device uploads information to T-Mobile network servers to facilitate specific functions (e.g., some devices may back-up your address book, photo album, or diagnostic data).
- Commercial information, including records of your purchases from us, and purchase history and tendencies;
- Geolocation data, specifically data that identifies the approximate or precise location of your mobile device. We may also use location technologies in our retail locations to collect data about the presence of your device;
- Video data including video monitoring and recording in our retail stores and information about viewing habits when you use a T-Mobile-affiliated video application on your device;
- Audio information, including voice commands you provide to our apps (for example, for accessibility or hands-free use) audio recordings of calls between you and our customer service representatives; and
- One of the analytics providers we use is Google Analytics. To learn more about how Google collects and processes personal data, please visit https://policies.google.com/technologies/partner-sites
- For additional details, please review our article on Cookies and Tracking Technology in the T-Mobile Privacy Center.
Personal Data We Collect from Other Sources
We may collect personal data about you from other unaffiliated sources. For example, we may obtain updated address information from our shippers or other vendors, such as the United States Postal Service. We may collect information from financial institutions and credit agencies before or after initiating your Services. We may also purchase or obtain personal data from third parties, such as social media platforms, third-party analytics providers, and consumer data resellers. This information could include contact information, demographic information, geolocation information, and information about your interests, preferences, or behaviors. We use this data for things like Product and Service improvement, marketing, and advertising. For more information see the How We Use Your Data section.
Personal Data We Derive
We may derive personal data or draw inferences about your preferences or characteristics based on the other personal data we collect. For example, we may infer that you are looking to purchase a new device based on your browsing behavior on our Services, or we may use your IP address to estimate your general location.
How We Use Personal Data About You
We use your personal data for a variety of purposes, including providing you with Products and Services. We use your personal data to do things like:
- Process orders, payments, and requests related to our Products and Services, as well as third-party products and services that you charge to your account.
- Provide, develop, customize, and personalize Products and Services, complete transactions, respond to your inquiries, conduct surveys, and perform our contractual obligations.
- Advertise and market Products and Services, including through targeted advertising, contests, and sweepstakes.
- Create analyses and reports about usage patterns and trends including to anonymize and/or aggregate personal data for various purposes such as market analysis, and traffic flow usage trends.
- Detect and help protect against security incidents, and illegal, fraudulent, or unauthorized activities; investigate suspicious traffic, cybersecurity threats or vulnerabilities, complaints, and claims; and provide other security protections.
- Protect users of our Services, as well as other carriers or providers, from fraudulent, malicious, deceptive, abusive, or unlawful activities of others.
- Debug and repair errors in our Products and Services, as well as other activities, in order to maintain and improve the quality and safety of our Products and Services.
- Verify your identity and determine your eligibility for accounts, discounts, and specific rate plans, as well as the validity of your payment information.
- Facilitate or verify the appropriate calculation of taxes, fees, or other obligations due to local, state, or federal government requirements.
- Cooperate with law enforcement and protect the rights (including free speech), interests, safety, or property of T-Mobile or our customers, service providers, and other third parties.
- Comply with and enforce applicable legal and regulatory obligations and respond to governmental requests.
- Enforce our policies, terms and conditions, or other agreements.
- Defend against or pursue claims, disputes, or litigation.
When We Share Personal Data About You
We may disclose personal data to third parties as follows:
With Your Consent or at Your Direction
We may disclose personal data about you to third parties with your consent, which may be obtained in writing, online, or orally. We may also share your personal data with third parties when you direct us to do so or when you use our Products or Services to intentionally interact with third parties. Use of the information you agree to share will be subject to those third parties’ separate privacy policies.
With the Account Holder
We may disclose personal data about an account user to the account holder (the party financially responsible for the account). If a business, governmental agency, or other individual obtains a Service for you, that entity or individual is our customer, and we may provide personal data about you or your use of our Products and Services to them or others at their direction.
To Provide Discounts
When you receive special or discounted pricing, terms, or other benefits through another party’s agreement with us (for example, an employee discount), we may provide enough personal data to that party to verify your eligibility for benefits under their agreement with us, to calculate any associated discounts, and to deliver the discount or benefit to you.
To Our Service Providers
Service providers we use may need access to your personal data to do work for us. Service providers are contractually required to treat the personal data we provide as confidential and to use the personal data only to provide the services we requested. Examples of the service providers we engage include print, mail, or email vendors, web hosting vendors, and cloud service providers.
To Third Parties
Some third parties need access to personal data for their own purposes or for purposes you have requested. For example, we may share data with credit bureaus and similar regulated entities, banks for device financing, and payment processors to help us provide and for you to obtain these Services or for Services you have requested. We may also share mobile device identifiers, device and service usage data, and demographics information with third-party advertising partners who may use data to serve ads for T-Mobile and others as described in the Advertising section. For Sprint customers, in the past, we may have shared certain data with other companies in a way that does not directly identify you in order for them create aggregate reports. For more information about these activities visit the Advertising and Analytics article. Use of the information we share with these third parties will be subject to those third parties’ separate privacy policies.
To Identity Verification and Fraud Prevention Services
To help protect our customers and others from fraud, we may share limited personal data (such as name, address, account status, SIM change history) with entities that provide fraud prevention services to banks, and other entities. Personal data is only shared with our identity verification and fraud prevention partners in connection with specific, individual transactions (such as a credit application with a bank). We share only the minimum data required to support the fraud prevention service. Banks and others receive an indicator that helps the banks determine fraud may be present, but they don’t receive your individual data.
Caller ID Providers
We may share your mobile number and associated name with third parties that facilitate Caller ID and similar services across multiple mobile carriers. We do not publish directories of our customers’ wireless numbers or make such numbers available to third parties for listing in their public directories without the customer’s prior consent. We do, however, provide your number and associated name to enable Caller ID and similar services when you make a call. You can request that we exclude your name from Caller ID by calling customer service. See How to Contact Us below. You can also block your number from being displayed temporarily on non-emergency calls by following the instructions here.
In a Business Transfer or Transaction
We may disclose or transfer personal data about you as part of a corporate business transaction, such as a merger, acquisition, or divestiture, joint venture, corporate reorganization, financing, or sale of company assets, or in the unlikely event of insolvency, bankruptcy, or receivership, in which case the personal data could be transferred to third parties as a business asset in the transaction. We may also share information with banks for purposes of transferring loans in connection with your device financing.
For Legal Process and Protection
We may disclose personal data to third parties involved in legal process or protection matters, including government authorities, where we believe that access, use, preservation or disclosure of such information is reasonably necessary, including:
- To comply with applicable law, regulation, legal process or to respond to lawful requests or legal process.
- To enforce or apply agreements, or initiate, render, bill, and collect for Products and Services (including disclosure to collection agencies to obtain payment for our Products and Services).
- To protect the rights, interests, property, or safety of T-Mobile and our affiliates, agents, service providers, customers, and others.
- In connection with claims, disputes, or litigation.
- To protect users of our Services and other carriers or providers from fraudulent, abusive, or unlawful use of, or subscription to, such Services, and other fraudulent activity.
- In an emergency.
How We Protect Personal Data About You
We use a variety of administrative, technical, procedural, contractual, and physical security measures designed to protect your personal data against accidental, unlawful, or unauthorized destruction, loss, alteration, access, disclosure, or use while it is under our control. We maintain authentication procedures when you contact us by phone or in retail locations to help ensure that access is provided only to the primary account holder or authorized users of the account. Online access to your personal data is protected through passwords and other safeguards.
Despite our security efforts, we cannot guarantee that our safeguards will prevent every unauthorized attempt to access, use, or disclose personal data. Be sure to use a strong password to access your information and not one you use for other services. We maintain security incident response plans to investigate and remediate incidents involving unauthorized access to personal data.
We retain your personal data for business or tax needs, or for as long as applicable laws, regulations, or government orders require.
You may see T-Mobile and other advertisements on your devices - whether you are connected to our network or using another connection method (e.g., Wi-Fi or wireline connections). In some cases, these ads may be targeted to your device based on information the advertiser has gathered about your online or offline behavior, or other data about your interests. These online ads are sometimes called “interest-based” or “targeted” ads.
Like most companies that operate commercial websites or apps, T-Mobile works with third-party advertising networks, which collect certain information about our customers and visitors to our websites and apps, serve ads for us and others, and measure their effectiveness. The advertising networks that provide these ads may place cookies and web beacons or use mobile device identifiers and similar technologies on websites and apps. This technology allows tracking of device activity over time across online properties. The advertising networks’ use of these technologies and of the information collected is subject to their own privacy policies and those of the sites where they operate. T-Mobile may also use its own online advertising services in connection with these ad activities. We adhere to the Digital Advertising Alliance's ("DAA") Self-Regulatory Principles for Online Behavioral Advertising. To learn more about ad targeting and our ad services please see our article on Advertising and Analytics in the T-Mobile Privacy Center. For more information on your choices, go to the Advertising Choices section.
Do Not Track (“DNT”) signals are a web browser setting or other mechanisms used to indicate that you do not want your online activity tracked. Because there is no universal standard of how to apply the DNT setting, we currently do not honor them. However, we honor Do Not Sell settings as described below.
If your mobile device is turned on, our network is collecting data about the device location. We may use, provide access to, or disclose this network location data without your approval to provide and support our Services, including to route wireless communications, operate and improve our network and business, detect and prevent fraud, provide information to emergency responders about where to find you when you call public safety agencies, including through 911 or similar emergency services numbers, or as required by law. Subject to your preference choices, we and others may also use location data to provide location-based services (LBS), or to personalize your experience and ads. To learn more, review our Cookies and Tracking Technology article and our Advertising and Analytics page.
Internet of Things
In many cases, we provide connectivity to Internet of Things (“IoT”) devices and services offered by other companies. In such cases, we collect basic information about the information flowing over our network. However, if you are a customer of a T-Mobile IoT Service, we, and our application providers, also collect information from the IoT device and any related app to support the Service to which you have subscribed. The information varies depending on the IoT Service but may include personal data like contact information and location, audio, and device activity and measurement data.
Technologies in our Retail Stores
In some of our retail stores beacons have been deployed and we receive aggregate reports (none of which identify any individual or device) from these stores regarding store traffic that relies in part on information collected from such beacons through mobile applications. We may also use technology that tracks aggregate traffic patterns and wait times in our stores using Wi-Fi and Bluetooth identifiers (e.g., a MAC address). Where such technology is used, we will provide a prominent notice at the location. If you wish to exclude your device from such in-store mobile analytics, you can opt out at any time by entering your MAC address at https://optout.smart-places.org.
We may use video monitoring and recording in our retail stores for security purposes as well as traffic pattern and other analytics purposes.
Unaffiliated Websites and Mobile Applications
T-Mobile is headquartered in the United States and our data processing activities primarily occur in the United States. You acknowledge that any personal data we collect may be transferred to, processed, and stored in the United States. You further acknowledge that the United States has standards for the processing and storage of personal data that may not be equivalent to those in the country where you reside and/or are a citizen, and you consent to our collection, transfer, processing, and storage of your personal data in the United States.
International Data Privacy
Your Personal Data Choices
You have options regarding the personal data we collect about you, as described above. T-Mobile offers all consumers the ability to make requests about their personal data. We will not discriminate against you if you choose to exercise your options related to your personal data. If you have questions, please contact us. Please note that the range of choices and contact methods may differ for T-Mobile for Business enterprise and wholesale customers. Your options include:
Access and Deletion
- Access: You may request access to the specific pieces of personal data we have collected about you, and you may also request additional details about our information practices, including the categories of personal data we have collected, our business or commercial purposes for collecting or selling personal data, the sources from which we collect personal data, the types of third parties we share personal data with, the types of personal data we disclose for business purposes, and details about personal data we have sold and to whom. You may request access to your personal data by submitting your request here or by contacting customer service at the numbers in the How to Contact Us section. For multi-line accounts, the primary account holder (if applicable) is authorized to access information for all the devices and lines on the account. Other users may generally access online account information (including CPNI) related only to their assigned line. The primary account holder, however, may designate additional or more limited access rights for other users on the account. Enterprise customer accounts are protected through authentication and access methods that may vary from those used by individual consumers.
- Deletion: You may request that we delete the personal data we have collected about you. Please note that we may retain certain personal data as required or permitted by applicable law. There are some cases where we do not delete data as permitted by applicable law, for example, personal data that is necessary to complete a transaction, detect security incidents, or for certain other internal purposes. If you request that we delete your personal data, certain Services may no longer be available to you or may be affected in other ways. You may request deletion of your personal data by submitting your request here or by contacting customer service at the numbers in the How to Contact Us section.
- Verification of Your Identity For your protection—to prevent unauthorized access to data and ensure that you are the person who is making the request—we must verify your identity before we can fulfill your request for access or deletion. To learn more about our verification process, please read our FAQs. If we are unable to verify your identity, your request will be denied.
“Do Not Sell” Choice
The California Consumer Privacy Act (“CCPA”) defines “sale” to include sharing or disclosing of personal data with a third party for monetary or other valuable consideration. This may include when we share information about you that is associated with device identifiers with third parties for targeted advertising purposes. To learn more, visit our Advertising and Analytics article. There are circumstances where sharing of personal data with third parties is not considered to be a sale. For example, we may share personal data with service providers who work on our behalf if the service provider agrees not to use that personal data for other purposes. In addition, you may intentionally direct us to share information with a third-party, which is also not a sale. T-Mobile provides the “Do Not Sell My Personal Information” link to comply with the CCPA. For more information about why T-Mobile's apps and websites contain the “Do Not Sell My Personal Information” link and what happens if you tell T-Mobile not to “sell” your personal data, please click here. We give you the option to opt out of these sales at any time by following this “Do Not Sell My Personal Information” link. The link is also available on our websites and mobile apps.
Marketing Communications Choice
We may communicate with you through various channels about our Products and Services or products and services our partners offer. You may choose to opt-out of some or all marketing communications from us, but if you subscribe to our Services or buy our Products, you will continue to receive invoices, customer service and transactional notices, and similar communications.
If you are a T-Mobile customer and you manage your account online, you can manage your marketing communications preferences by logging into your my.t-mobile.com account. If you do not manage your account online, or you are not a current T-Mobile customer, you may manage your marketing communications preferences by clicking here or by contacting Customer Service by dialing 611 from your T-Mobile phone or 1-800-937-8997 from any phone. The primary account holder (if applicable) can configure options for marketing communications for all lines on the account. You can also unsubscribe from certain marketing communications (such as email) by following the instructions in the communication. For additional details, please review our article on Marketing Choice in the T-Mobile Privacy Center.
You can opt-out of targeted ads provided by most advertising networks.
- Ads on Social Media We may work with certain social media websites or platforms (such as Facebook or Twitter) to serve targeted ads to you as part of a customized social media campaign. You can opt-out of receiving customized ads on your social media platforms by changing your ad preferences on those platforms. We do not control those platforms or your ad preference settings on them and recommend regularly visiting your ad preference settings to ensure that they remain accurate.
- Cookies Choice Most web browsers can be set to reject cookies or provide notice when cookies are placed on your device. Each browser is different, so check the "Help" menu of your browser settings to learn how to change your cookie preferences. If you reject cookies, certain functions on our websites may not work properly, and your ability to use some areas of our websites may be limited.
Note that certain Ad Choices opt-out mechanisms described in the Advertising Choice section, and the “Do Not Sell My Personal Information” mechanism for T-Mobile websites described in the Do Not Sell section, rely on cookies to retain your opt-out preferences. If you reject or erase cookies, your Ad Choices and Do Not Sell opt-out requests you make may not function properly and you may need to perform the opt-out again.
- Location Data Choice We request your permission before collecting and using precise location data associated with your directly identifying information for certain non-essential activities. For more information see our Cookies and Tracking Technology article. If you have previously consented to these uses, you may revoke that permission at any time through the device’s operating system location preference controls or, in some cases, the app settings. You may also follow the standard uninstall process to remove the app from your device.
Information for California Consumers: Your California Privacy Rights
Consumers residing in California are given certain additional rights with respect to their personal data under the following laws:
Shine the Light
Shine the Light requires us to disclose that California customers may request information concerning whether a business has disclosed personal data as defined in the Shine the Light law to any third parties for their direct marketing purposes. We do not disclose your personal data as defined in the Shine the Light law to non-affiliated companies for their direct marketing purposes without your consent.
California Consumer Privacy Act (“CCPA”)
Additional Disclosures Related to the Collection, Use, Disclosure and Sale of Personal Data
Categories of Personal Data Collected: In the preceding 12 months, we have collected the following categories of personal data, as defined by the California Consumer Privacy Act:
- Identifiers such as a real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers such as signature and physical characteristics; Financial information, such as credit card or other payment information;
- Characteristics of protected classifications under state or federal law, such as age or gender;
- Commercial Information, including records of personal property, Products or Services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies;
- Internet or electronic network activity information, including, but not limited to, browsing history, search history, and information regarding a consumer’s interaction with an Internet website, application, or advertisement;
- Geolocation data;
- Audio, electronic, visual, thermal, olfactory, or similar information;
- Professional or employment related information;
- Education information; and
- Inferences drawn to create a profile about a consumer reflecting the consumer’s preferences, characteristics, and personal attributes.
For more specific examples of the personal data we collect, please see “How We Collect Personal Data About You” section.
Business or Commercial Purpose for Collecting Personal Data: We collect personal data for the business and commercial purposes described in “How We Use Personal Data About You” above.
Categories of Sources of Personal Data: We collect personal data directly from you, automatically from your use of our Products and Services, from unaffiliated parties, and by using or combining personal data to derive additional personal data about you, as described in “How We Collect Information About You” above.
Categories of Third Parties with Whom We Share Personal Data: We may share your personal data with third parties as described in the “When We Share Personal Data About You” section above.
Categories of Personal Data Disclosed: In the preceding 12 months, we have disclosed the categories of personal data described in “Categories of Personal Data Collected” for business purposes.
Sales of Personal Data: We are also required by the CCPA to disclose that in the preceding 12 months, T-Mobile (which also includes Sprint) “sold” (as the term “sale” is defined in the CCPA) the following categories of personal data for the following uses: We shared device identifiers and internet and electronic network activity to facilitate certain advertising activities commonly deployed by online and technology companies. What this means is that a unique, resettable number that identifies your device was linked to online activity and shared with third parties who use that data for advertising and analytics purposes, including advertising networks, data analytics providers, and social networks. For Sprint customers, we shared, but no longer share, location and usage information with other companies in a way that does not directly identify you for their use in creating aggregate reports. For more information about these activities visit the Advertising and Analytics article. T-Mobile does not knowingly collect, and therefore does not sell, the personal data of minors.
CCPA Consumer Rights: The CCPA also requires us to communicate information about rights California consumers have to request access to their personal data, to request deletion of their personal data, to request additional details about our information practices, to request to opt out of the “sale” of their personal data, and the right not to be discriminated against for exercising these rights. For details about how to exercise these rights, please see above.
Information for Maine Broadband Customers
Customers physically located and billed for broadband internet access services received in Maine have certain additional rights under the Maine Broadband Internet Access Service Customer Privacy Law (“Maine Broadband Law")
Your Rights: You have a right to consent to the use, disclosure, sale, or access of such personal information for purposes other than those permitted under the Maine Broadband Law and may revoke your consent at any time. If you do not consent, we will not refuse to provide you Broadband Internet Access Services or charge you a penalty or offer any discount based on your choice. To exercise your choices, visit https://www.t-mobile.com/privacy-center/take-control-of-your-data.
How to Contact Us
- Email us at firstname.lastname@example.org
- Contacting customer service toll-free by dialing:
- T-Mobile: 1-800-T-Mobile (1-800-937-8997) or 611
- Metro by T-Mobile: 1-888-8metro8 (1-888-863-8768) or 611
- Sprint: 1-866-429-1055 or 611
- Assurance Wireless: 1-866-482-2003