Revised Privacy Notice - Frequently Asked Questions

1. Why are we changing Intuit’s Privacy Statement?

First, we've reorganized and simplified our Privacy Statement to make it easier to read and understand. We’ve added headings and highlighted summaries so that you can find the information that’s the most relevant to you more easily. We’ve worked to make it clear and more comprehensive, providing more details about the information we collect, use and disclose.

Second, we have committed to the new EU-U.S. Privacy Shield framework, agreed to by the U.S. Department of Commerce and the European Commission. The Privacy Shield framework is designed to provide more protections around personal data for EU individuals. We revised the Privacy Statement to meet these requirements. These protections are enforceable under U.S. law once a company certifies their commitment to Privacy Shield requirements with the Department of Commerce.

We believe you will find the new Privacy Statement much simpler to read and understand. To see the new Intuit Privacy Statement, please click here.


2. Are you doing something different with my information?

No. Our commitment to data stewardship and keeping your information protected remains unchanged and we are handling your information the same way we always have. Intuit’s participation in Privacy Shield does not change the categories of personal information that we collect or the reasons why we collect this information.


3. Are you changing the information you collect about me or the way you use or share my information?

No. How we collect information about you and how we use and share this information has not changed.


4. Do you sell my information to third parties?

No. We never sell our customers’ information to third parties. This is core to Intuit’s Data Stewardship Principles.


5. Have you changed how you protect my information?

No. We continue to maintain reasonable and appropriate security measures to protect your information. More details on protecting your information can be found here and on the Intuit Security website.


6. What is Privacy Shield?

The Privacy Shield Program is a framework agreed to by the U.S. Department of Commerce and the European Commission to allow for adequate protections for the transfer of personal information about European Union (EU) individuals. Privacy Shield only covers transfers of personal information from the EU to the U.S. and replaces the Safe Harbor framework.  


7. Why are you signing up for Privacy Shield?

Joining the Privacy Shield enables us to appropriately transfer the personal data of our EU customers, from the EU to the U.S. It’s an approved mechanism for transfer that meets the requirements of EU Data Protection. Participating in the Privacy Shield is part of Intuit’s commitment to data stewardship and to operating a global privacy program.


8. I live in the U.S., does Privacy Shield impact me?

If you live in the U.S., Privacy Shield does not directly impact you. We operate a global privacy program based on principles and values that we apply around the world and which are aligned with Privacy Shield Principles. We apply those principles and values to Intuit products and services and to the personal information in them. Some Privacy Shield elements, such as EU arbitration, apply only to EU individuals and is not available to you if you live in the U.S.


9. What has changed in the Intuit Privacy Statement as a result of Privacy Shield?

We have revised the Privacy Statement to: (1) provide more details on how EU data subjects can access their personal information, and where necessary, correct, amend, or delete such information; (2) expand the descriptions of the mechanisms available to EU individuals to address any questions or complaints about how Intuit process their personal information; (3) clarify Intuit’s obligations when it shares EU personal information with third parties, and; (4) clarify that disclosures in response to subpoenas and other legal requests may include disclosures to meet national security or law enforcement requirements.


10. I am in the EU, what do I need to do to take advantage of my new rights under Privacy Shield?

EU individuals should review our Privacy Statement which details Intuit’s privacy practices and the rights under Privacy Shield. In the event you have any questions or concerns about our privacy practices under Privacy Shield, please email us on or review the “EU-U.S. Privacy Shield” section of the Privacy Statement for details on the recourse mechanisms available to you.


11. Are there any other changes that were made in the Intuit Privacy Statement (in addition to those for Privacy Shield)?

We also revised our Privacy Statement to clarify our practices regarding cookies and similar technologies, and to confirm how we will provide notice about changes to our Privacy Statement.


12. What if I’m not comfortable with the revised Privacy Statement?

Our commitment to data stewardship and keeping your information protected remains unchanged. The terms of the new Privacy Statement will take effect on September 14, 2016. If you don’t want to continue having your information processed as described in the new Privacy Statement, you may close your account.


13. What other companies are signing up for Privacy Shield?

The Privacy Shield Framework launched in August 2016. Despite the relative newness of the program, major companies have indicated that they will sign up for Privacy Shield. You can review the list of certified companies and learn more by visiting Privacy Shield


14. How is Privacy Shield different from Safe Harbor?

Privacy Shield provides many of the same protections as Safe Harbor, but imposes heightened obligations on companies transferring personal information about EU data subjects, including: (1) heightened enforcement of companies’ compliance with Privacy Shield Principles; (2) requirements for companies to provide more details about how EU data subjects’ personal information is processed; (3) rights for EU data  subjects to have more control over how their personal information is shared with third parties and used for purposes different from original purposes of processing, and; (4) more options for EU data subjects to address privacy questions and complaints.