Stellantis Financial Services

rev. March 2026

PRIVACY POLICY TERMS & CONDITIONS

WHAT IS PRIVACY

Customer satisfaction is our guiding principle at Stellantis Financial Services, Inc. along with our service providers and other third parties acting on our behalf (“SFS”), and we make consumer choice and privacy a core part of that commitment. We strive to earn your trust through responsible data practices and clear, transparent communication.

SFS understands that you may be concerned about your privacy. Therefore, we want to make you aware of our privacy practices in this Privacy Policy. This Privacy Policy describes the information we collect from and about you and how we use information about you, with whom we disclose it and how we protect it. Our websites and mobile applications (collectively, our “Sites”) may contain links to third party sites not controlled by SFS or covered by this Privacy Policy.

By including a link to a third-party website, SFS does not endorse or recommend any products or services offered or information contained at the third-party website. We recommend that you check the privacy statements of other sites you visit before providing any Personal Data. Such third party may have a privacy policy different from that of SFS, and the third-party may provide less security protection than SFS. If you decide to visit a third-party website via a link contained on our Sites, you do so at your own risk.

If you become a customer of SFS, and once a year while you remain a customer of SFS, we will provide you with our General Privacy Policy, which describes the collection and disclosure of financial information about our customers, as required by law.

NOTICE AT COLLECTION

This Notice at Collection describes the practices of Stellantis Financial Services, Inc. regarding the collection, use, and disclosure of Personal Data.

Personal Data (Personal Information). We may have collected the following categories of Personal Data from you in the last 12 months: personal identifiers (e.g., name, postal address, unique personal identifier or other similar identifiers), protected classification characteristics under California or federal law, financial information, employment information, commercial information (e.g., records of personal property, or other purchasing or consuming histories or tendencies), geolocation information, Internet or other electronic network activity information, biometric information, inferences or derived data about you, professional and educational information, vehicle information, audio, visual, and electronic data, sensitive or protected classifications, and sensitive personal information. For more information see below “What Personal Data does SFS collect?”.

Sensitive Personal Data. We have collected Sensitive Personal Data from you, including information that reveals your Social Security number, driver’s license, or financial account information. This is done in accordance with providing you financial services such as a loan or lease you have made with us.

Purposes for Processing Personal Data. We use the Personal Data we collect about you for the business purposes described in the section titled, “How does SFS use the Personal Data it collects?” We do not process Sensitive Personal Data without obtaining your consent and only process Sensitive Personal Data for the purposes outlined here and to the extent permitted under applicable law.

Categories of Personal Data Sold or Shared (for cross-context behavioral advertising). In the preceding 12 months, we may have provided Personal Data to third parties for targeted advertising, analytics, and other purposes described in this Notice. Californians—and others—may have the right to direct us not to “sell” or “share” certain Personal Data. If we engage in such activities, we will provide you with the opportunity to opt out. We do not knowingly sell or share the Personal Data of individuals under 18 years of age.

Retention of Personal Data. The section titled, “Retention of Personal Data,” outlines the criteria we utilize for determining how long to retain your personal information.

PRIVACY HIGHLIGHTS

DISCLAIMER - THIS SECTION SERVES AS A SUMMARY OF OUR PRIVACY POLICY AND SHOULD NOT BE RELIED ON OVER THE REMAINDER OF THIS POLICY. USERS SHOULD CONSULT THE ENTIRE PRIVACY POLICY.

What We Collect: Personal Data, which includes identifiers (e.g., name, address, SSN), financial details, online activity, and limited sensitive data (e.g., driver’s license), among other data.
Why We Collect It: To provide and manage financial products and services, comply with legal obligations, provide you with opportunities to receive relevant offers, prevent fraud, and improve your experience, among other uses.
How We Disclose It: We disclose Personal Data to service providers, third parties, affiliates, and regulators as needed for operations and compliance. We provide you with opportunities to choose how your data is used and disclosed, subject to the law and the terms of this Privacy Policy.
Your Rights: Depending on your state, you may have rights to access, correct, delete, limit use of sensitive data, and opt out of targeted advertising or profiling/automated decision-making technology. We honor Global Privacy Control (GPC) signals.
Minor’s Data: We do not intentionally collect data from children under 13 and do not intentionally sell data of anyone under 18.
Contact Us: Email privacy@stellantis-fs.com or call 800-234-0971 (Financed Vehicles) / 800-439-0985 (Leased Vehicles).
Learn More: See full details below, including how to exercise your rights and opt-out options.

WHAT PERSONAL DATA DOES SFS COLLECT?

We collect Personal Data that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with you (“Personal Data”), which may sometimes be called Personal Information or Personally Identifiable Information. In the preceding 12 months, this may include, but is not limited to:

Types of Personal Data Collected

Examples

Identifiers

Real name and aliases; Residential address; Mailing address; Date of birth; Telephone numbers (e.g., home, mobile, work); Email addresses; Driver’s license number; Passport number; Government-issued identifiers (e.g., Social Security number, state ID card number); Unique personal identifier; Online identifier; Account name; Signature

Commercial information

Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.

Financial Information

Account transaction information and history; Account number at a bank or other financial institution; Type of bank account and name of bank or financial institution; Payment information (e.g., debit card, credit card, checking account numbers, routing information); Insurance policy information (including policy number); Income information; Information contained in credit reports

Internet & Network Activity

Geolocation data (e.g., device location, IP address); Internet or network activity information (e.g., browsing history, interactions with website); Email communications; Text messages

Geolocation

Rough location via IP address

Professional & Educational Info

Professional or employment-related information (work history, prior employer, current employer); Education information; Information concerning references

Vehicle Information

Motor vehicle information (including vehicle identification number aka VIN)

Audio, Visual & Electronic Data

Audio, electronic, visual and similar information (e.g., telephone call recordings)

Sensitive or Protected Classifications

Characteristics of protected classifications under California law, federal law, or other applicable laws (e.g., sex, marital status)

Derived Data

Inferences drawn from any of the Personal Data listed above to create a profile (e.g., preferences, characteristics)

Sensitive Personal Data

Government-issued identifiers (e.g., driver license, Social Security number, state ID card number, or passport number);

Notice on the collection of other forms of Personal Data:

SFS may occasionally receive other forms of Personal Data and Sensitive Personal Data than what is disclosed above, that you voluntarily provide to us during interactions, such as when contacting customer support. For example:

“Customer called to request account changes due to a health condition and asked to add a spouse as an authorized user.”

We do not request this information proactively and do not store it beyond what is necessary for customer service archival purposes (we store notes from customer services calls of what the reason for calling was and how the call was resolved). This information is never used to create marketing profiles, nor is it shared for advertising or sale. It is retained solely to support internal business operations related to customer service, compliance, and legal requirements.

How does SFS use the Personal Data it collects?

The purpose for collecting and using any and all of the above categories of Personal Data is for the following uses:

Commercial purposes (e.g., providing relevant offers and financial products)
Provide and manage products and services
Support operations, including risk, legal, and compliance requirements
Manage, improve, and develop our business; conduct internal research; secure systems
Conduct employment and HR operations
Respond to inquiries and fulfill requests
Facilitate participation in online activities
Auditing related to interactions and transactions
Detect security incidents and prevent fraud
Debugging and error repair
Short-term, transient uses (e.g., contextual ad customization)
Perform services (account maintenance, customer service, payment processing, analytics)
Internal research for technological development
Verify or maintain quality/safety of services or devices
Any function for which we obtain your consent
Other uses as identified in this Privacy Policy

The table below elaborates on this, covering the previous 12 months, and provides examples of practical scenarios for your understanding:

Purposes for Collection, Use, and Disclosure

Examples

Provide and manage products and services

Establish and process transactions for vehicles and ancillary services (receive payment from checking accounts, credit cards, commercial financing, payment services, etc.)
Support ongoing management and maintenance (e.g., account statements, online portal, customer service, payments, collections, notifications)
Obtain support from third-party service providers, professional services, business partners, and financial institutions

Support our everyday operations, including risk, legal, and compliance requirements

Perform accounting, monitoring, and reporting
Enable information security and anti-fraud operations
Credit, underwriting, and due diligence
Support audits, investigations, and legal requests
Exercise and defend legal claims
Comply with laws, regulations, policies, procedures, and contractual obligations
Operate and manage IT and communications systems

Manage, improve, and develop our business

Market, personalize, develop, and improve products and services
Disclose Personal Data with our service providers to provide our services and send you relevant offers
Conduct research and analysis for innovation
Support customer relationship management
Evaluate and engage in mergers, acquisitions, and other transactions
Obtain support from service providers and marketing partners

Support employment, infrastructure, and human resource management

Provide benefits to employees and dependents (healthcare, retirement)
Manage pay and compensation
Manage attendance, timekeeping, leaves, and vacation
Operate facilities and infrastructure (risk and security monitoring)
Recruit, process applications, and onboard employees
Perform identity verification, accounting, budgeting, audits, internal investigations, disciplinary matters
Strategic planning and project management
Conduct research and analytics for succession planning and business continuity
Obtain support from third-party service providers and professional services

Additional operational and security purposes

Respond to inquiries and fulfill requests
Facilitate participation in online activities
Auditing related to interactions and transactions
Detect security incidents and prevent fraud
Debugging and error repair
Short-term, transient uses (e.g., contextual ad customization)
Perform services (account maintenance, customer service, payment processing, analytics)
Verify or maintain quality/safety of services or devices

Commercial purposes

Advance commercial or economic interests (e.g., inducing purchases, subscriptions, or transactions)
Enable or effect commercial transactions

Legal and consent-based purposes

Comply with laws and regulations
Any function for which we obtain your consent

Legitimate business purposes

Any other purposes as appropriate to further our legitimate business needs as permitted by law.

For example, we may use the information you provide when you complete an online application for credit in order to process and evaluate your application. We may also use the information you provide to contact you regarding your account and to process or collect payments. In addition, we may collect and use information for analytic purposes, market research or for marketing purposes, as allowed by law.

From Whom Does SFS Collect Personal Data

In the preceding 12 months SFS has collected Personal Data from the following sources:

Source

How We Collect

Examples of Personal Data

Typical Contexts / Notes

Directly from individuals (e.g., consumers, applicants, employees, business contacts) or their authorized agents

Forms, applications, onboarding, customer service interactions, phone calls, emails, text messages, website/app portals, mail

Identifiers (name, address, date of birth, email, phone); Sensitive Personal Data (SSN, driver’s license, passport); Financial info (account numbers, payment info); Audio recordings (customer service call recordings)

Account opening; product enrollment; support tickets; identity verification; consent flows

Automated collection from devices. Operating systems and platforms, and online activity

When you use our Sites: cookies, pixels, SDKs, web beacons, server logs, mobile device signals

Online identifiers, IP address, geolocation (device/IP-based), browsing/usage data, interaction logs

Security, fraud detection, analytics, personalization

Our service providers (processors) and professional advisors

Data transfers to/from vendors supporting operations (IT, cloud, analytics, payment processors, customer support, legal compliance, collections, etc.)

Account information, transaction data, identifiers, support logs, risk/underwriting outputs

Perform services and obtain support purposes; contractual restrictions apply

Financial institutions and payment networks

Interbank transfers, ACH/wire, card networks, insurance carriers

Account numbers, transaction history, payment instruments, insurance policy data

Establishing and processing transactions; payment settlement; fraud monitoring

Credit bureaus and consumer reporting agencies

Permissible purpose pulls (credit reports, scores)

Credit report details, income/obligations, tradeline and inquiry data

Underwriting, due diligence, account management, regulatory compliance

Marketing, advertising, and analytics partners and networks

Audience matching, campaign reporting

Online identifiers, device data, interaction metrics, inferred preferences

Tailored advertising, marketing measurement; subject to opt-out/consent where applicable

Affiliates and subsidiaries

Intra-group transfers under common control

Overlapping customer account data, identifiers, product usage, inferred data

Business management, product improvement, consolidated risk/compliance

Employers, benefit administrators, and HR platforms

Employment lifecycle systems and third-party HR vendors

Employment/education info; identifiers; compensation/benefits data; timekeeping; leaves

HR operations: recruiting, onboarding, payroll, benefits, audits, investigations

References and professional contacts

Reference checks, vendor/customer due diligence

Employment verification, professional history, contact details

Recruiting, business-to-business onboarding, vendor management

Public records and government entities

Government databases, court filings, corporate registries

Government-issued identifiers; licensing/registration info; sanctions lists

Compliance (Know Your Customer/ Anti-Money Laundering), legal requests, audit/investigation support

Regulators, law enforcement, and legal process

Subpoenas, warrants, regulatory exams, supervisory communications

Records responsive to lawful demands; account and transaction info; identifiers

Compliance with laws; exercise/defense of legal claims

Social networks and publicly available sources

User profiles, public posts, professional platforms (as permitted by law)

Contact details, employment/education info, publicly shared identifiers, inferred interests

Marketing/relationship management; fraud prevention; subject to platform policies

Merger/acquisition or asset transfer counterparties

Diligence and post-closing integration

Customer/employee datasets, product/transaction histories, operational records

Business continuity; subject to contractual and legal safeguards

Quality, safety, and security operations

Monitoring tools, access controls, facility systems

Access logs, device identifiers, security incident data, audit trails

Detect, prevent, and prosecute malicious, deceptive, fraudulent, or illegal activity

With your consent (additional, specific sources)

Explicit opt-ins authorizing new collection/uses/disclosures

Any category authorized by you

Any function for which we obtain your consent; scope defined at point of collection

Any other source as permitted by law

As permitted by law to further our legitimate business needs/purposes

Varies

Any function as permitted by law to further our legitimate business needs/purposes

Does SFS disclose, sell, or share, the Personal Data it collects?

We may disclose the Personal Data we collect about you to third parties, such as companies performing services on our behalf for the purposes described in this Privacy Policy and as permitted or required by law.

As permitted by law, we may also disclose Personal Data collected about you with companies with whom we have formal agreements to offer or market to you financial products and services. We may disclose information about you with our affiliates and with nonaffiliates for analysis, market research, and marketing purposes as allowed by law and consistent with the relevant privacy notices. Finally, we may disclose your Personal Data as otherwise permitted or required by law, such as to government or regulatory authorities.

Sales and sharing (for cross-context behavioral advertising) of Personal Data are described in this Privacy Policy, which provides notice and the opportunity to opt out. In these instances, we provide an ongoing ability to revoke your consent, as described in this Privacy Policy.

Our disclosures in the previous 12 months:

Types of Personal Data Disclosed

Categories of Third Parties Disclosed To

Purpose for Disclosure

Examples

Identifiers

Service providers (IT, CRM, payment processors); Financial institutions; Affiliates and subsidiaries; Government and regulatory authorities; Professional advisors; Customer support vendors

Provide and manage products and services; Complete transactions; Identity verification and fraud prevention; Compliance with laws; Customer service and communications

Name, address, email, phone number, SSN, driver’s license, passport

Financial Information

Financial institutions and payment networks; Service providers; Credit bureaus; Affiliates; Government authorities

Establish and process transactions; Payment settlement; Risk and underwriting; Compliance and reporting

Bank account numbers, credit card details, transaction history, insurance policy numbers

Internet & Network Activity

IT and cybersecurity vendors; Analytics providers; Marketing and advertising partners; Social media platforms

Enable online services; Detect security incidents; Personalize and improve services; Cross-context behavioral advertising (subject to opt-out)

IP address, device ID, browsing history, geolocation

Professional & Educational Information

HR platforms; Background check vendors; Professional advisors; Government authorities

Employment and HR operations; Recruiting and onboarding; Compliance and audits

Employment history, current employer, education details

Vehicle Information

Service providers; Affiliates; Government authorities

Provide and manage products; Compliance and reporting

VIN, registration details

Audio, Visual & Electronic Data

Customer support vendors; AI service providers (e.g., Observe.AI); Government authorities

Customer service quality; Compliance; Fraud prevention

Call recordings, chat transcripts

Sensitive or Protected Classifications

HR platforms; Government authorities; Professional advisors

HR operations; Compliance with laws

Sex, marital status

Derived Data (Inferences)

Marketing and analytics partners; Affiliates; Service providers

Personalization; Marketing; Business development

Preferences, characteristics

Sensitive Personal Data

Service providers; Government authorities; HR platforms

Identity verification; Compliance; HR operations

SSN, driver’s license, passport, precise geolocation

Notice on Communications and Artificial Intelligence:

Communications, including, but not limited to, telephone call recordings, e-mail communications, chat recordings, text messages, and mailed correspondence may be disclosed to third parties and may be analyzed using artificial intelligence (“AI”) tools provided by third party service providers, including, but not limited to, Observe.AI. These tools may transcribe, analyze, and summarize the communication in real-time to improve our service and for other critical business functions. When you contact us, we disclose that calls may be recorded for these and similar purposes. The analysis may also be used to train or improve AI models. We do not sell Personal Data for the purpose of training large language models.

Cookies, Pixels, and Other Online Technology that Collects Personal Data:

When you browse or visit one of our Sites, we may store certain information on your computer. This information may be in the form of a small text file called a “cookie” and can help us to tailor our Sites to your individual preferences and save you time if you visit the Sites again. Cookies are text files containing small amounts of information which are downloaded to your device when you visit a web site. Cookies are useful in a number of ways, including allowing a web site that you use to recognize your device, keep track of pages visited, and even remember your preferences. Cookies can expire at the end of a browser session (these are called “session” cookies) or they can be stored longer (these are called “persistent” cookies). You can disable cookies by making the appropriate selection from your browser options to inform you when cookies are set or to prevent cookies from being set. However, if you choose to disable or delete cookies, you may limit the functionality we can provide when you visit our Sites. We may use online tracking technologies, such as cookies or web beacons, to gather aggregate information about your visit to our Sites or how you interact with our emails. This information allows us to measure site activity and to create ideas for improving our Sites and emails, and we may include the time and length of your visit/did you open our email, the pages you look at on our Sites, the web site you visited just before coming to ours, and your internet service provider. If we provide you with a link from one of the SFS Sites to another site, we may track the fact that you clicked the link. This will help us understand which links and emails are helpful to you when you visit our Sites or interact with our emails, and it will help us provide you with links that may be of interest to you, when you visit our Sites again.

We operate all website analytics in such a manner that seeks to protect user’s privacy.

We use website analytics tools such as Google Analytics and Microsoft Clarity. These third parties may collect information about your online activities over time and across different web sites when you use our Sites.

In addition, we collect the IP address of each visitor to track activity occurring on the Sites, including the following examples:

Customer Requested Password Retrieval
Customer Requested Username Retrieval
Customer Changed Email Address
Customer Changed Username
Customer Changed Secret Question
Customer Changed Contact Info
Visitor sent email from Contact Us form
Customer Made a Payment
Customer Edited a Payment
Customer Canceled a Payment
Customer Created AutoPay Enrollment
Customer Updated AutoPay Enrollment
Customer Canceled AutoPay Enrollment
Customer Submit AutoPay Pre-Enrollment form
Customer Submit Loan Application

Disclosures about Microsoft Clarity

Microsoft Clarity is provided by Microsoft, to analyze how visitors use and interact with our Sites. Microsoft Clarity collects behavioral data, such as clicks, scrolls, mouse movements, and other interaction events, to help us better understand user engagement and improve the overall user experience.

How Microsoft Clarity Works

Microsoft Clarity uses first-party cookies and other tracking technologies to capture data about your behavior on our Sites. This data may include, but is not limited to, your interactions with content, the duration of your visits, pages viewed, and navigation patterns. Clarity also enables us to generate heatmaps and session replays:

Heatmaps: Microsoft Clarity generates heatmaps that visually represent user interactions on our Sites. These heatmaps show which areas of the page receive the most attention, based on user clicks, scrolls, and mouse movements. This data helps us identify which content and areas of our Sites are most engaging to users and which sections may need improvement or optimization.
Session Replays: Clarity also records session replays, which are recordings of individual user interactions with our Sites. This allows us to review user behavior, understand how visitors navigate the Sites, and identify any issues they may encounter during their sessions. These replays are used to help us improve website design, enhance user flow, troubleshoot issues, and ensure a smoother overall experience for visitors.

Purpose of Data Collection

We use the data captured through Microsoft Clarity for the following purposes:

Website Optimization: To better understand how visitors interact with our Sites and to identify areas for improvement in layout, design, and functionality. This helps us enhance your experience by providing relevant and easy-to-navigate content.
Site Performance and Usability: To ensure the Sites are user-friendly and to analyze the effectiveness of specific design changes or content updates.
Security and Fraud Prevention: To detect and prevent any fraudulent or suspicious activities on our Sites.

Data Collection and Privacy

Microsoft Clarity collects and processes data using cookies and other tracking technologies. The information gathered is generally anonymous and aggregated, but it may include Personal Data in certain circumstances, such as when it is linked with your account on our Sites. You can learn more about the data Microsoft collects and how it is used by visiting the Microsoft Privacy Statement.

Opting Out of Microsoft Clarity

You have the option to opt-out of Microsoft Clarity’s data collection. For more information on how to disable or manage cookies in your browser, or to opt-out of data collection by Microsoft Clarity, please visit Microsoft Privacy Statement.

Disclosures about Google Analytics

We use Google Analytics, a popular web analytics service provided by Google, Inc. Google Analytics generates statistical and other information about use of our Sites by means of cookies, which are stored on visitors’ computers. It counts the number of visitors and tells us things about their behavior overall – such as the typical length of stay on the Sites or the average number of pages a user views. The information generated relating to our Sites is used to create reports about the use of the Sites. Google will store this information. Google’s privacy policy is available at: https://policies.google.com/privacy/. You can learn more about how to opt out of the collection and processing of such information by Google by visiting this website: https://tools.google.com/dlpage/gaoptout.

How can I change or update my Personal Data with SFS?

If you have questions about Personal Data you provided on our Sites or wish to update information, you may contact us as follows:

MAIL

Stellantis Financial Services
ATTN: Privacy Preferences
3065 Akers Mill Rd, Suite 700
Atlanta, Georgia 30339

EMAIL

privacy@stellantis-fs.com

What steps does SFS take to protect Personal Data collected?

We restrict access to the Personal Data obtained to only those employees, agents, service providers, and contractors who need it to do their jobs. We maintain administrative, technical, and physical safeguards designed to protect your Personal Data. Companies that provide services on our behalf whose work involves access to Personal Data are required by contract to protect customer information and keep it confidential. They are only allowed to use the information they collect for the purpose of providing the services that we have contracted to them.

Data of Children and Minors

We do not intentionally collect or maintain data about children under 13, and our Sites are not intended for children under 16.

We have no actual knowledge of any sale of Personal Data for persons that are less than 18 years of age.

Persons Outside the United States

Our Sites are intended for use by individuals located in the United States. You understand and agree that any Personal Data may be transferred from the country of your location to the United States. We reserve the right to deny access to our Sites when you are located internationally.

What are my Privacy Rights and Choices?

As a financial services entity, SFS is subject to federal laws regarding consumer privacy, including, but not limited to the Gramm-Leach-Bliley Act (“GLBA”). Depending on your state of residence and applicable laws, you may have certain privacy rights regarding your Personal Data as well, as described below.

Consumers in certain states may have the following privacy rights as it applies to Personal Data, except when an applicable exception applies, such as regarding data covered by the GLBA.

Privacy Rights Available

Access/Know/Confirm: You may have the right to request access to the Personal Data we hold about you, including:
- The categories of Personal Data we have collected about you.
- The categories of sources from which the Personal Data was collected.
- The business or commercial purpose for collecting, selling, or sharing Personal Data.
- The categories of third parties with whom we have disclosed Personal Data, including a list of specific third parties to which we have disclosed Personal Data.
- The specific pieces of Personal Data we have collected about you.
Request Correction: You may have the right to request corrections to any inaccurate or incomplete Personal Data.
Request Deletion: You may have the right to request that we delete your Personal Data, subject to applicable legal obligations.
Right to Limit Use and Disclosure of Sensitive Personal Data: You may have the right to request that we limit the use and disclosure of Sensitive Personal Data to only what is necessary to provide the products and services you requested.
Opt-Out of Sales or Sharing for Cross-Context Behavioral Advertising: You may have the right to opt out of the sale or sharing (as such term is defined under applicable law) of your Personal Data for cross-context behavioral advertising. Such opt-out right may be available through an opt-out preference signal such as the GPC
Opt-Out of Targeted Advertising or Profiling/Automated Decision-Making Technology (ADMT): You may have the right to opt out of the use of your Personal Data for targeted advertising or profiling/ADMT that produce legal effects or effects of similar significance. Such opt-out right may be available through an opt-out preference signal such as the GPC. With regards to profiling/ADMT, you may also be able to question the results of the profiling/ADMT and ask to be informed of the reasons for a profiling/ADMT decision. You may also have the right to review the Personal Data used in profiling/ADMT and have the Personal Data corrected and reevaluated if it was determined to be inaccurate.
Revoke Consent: You may have the right to revoke a previously provided consent for the processing of your Personal Data.
Appeal: You may have the right to appeal the decisions we make in response to your privacy requests. To do so, please contact us in the ways we offer to submit requests.

Privacy Rights Disclaimers

We will acknowledge receipt of your request within 10 days of receipt and advise you how long we expect it will take to respond if we are able to verify your identity depending on when we are required to do so.

Please be aware that in some instances, we may not be able to honor your request. For example, we will not honor your request if we cannot verify your identity (when required) or if we cannot verify that you have the authority to make a request on behalf of another individual. Additionally, we will not honor your request where a legal exception applies, such as where the disclosure of Personal Data would adversely affect the rights and freedoms of another consumer, the request would interfere with a legal requirement such as mandatory data storage periods, the request would interfere with our ability to run basic business functions such as account servicing, or where the Personal Data that we maintain about you is not subject to a Privacy Right, among others. We will advise you in our response if we are not able to honor your request.

We will not provide Social Security numbers, driver’s license numbers or government issued identification numbers, financial account numbers, health care or medical identification numbers, account passwords or security questions and answers, or any speciﬁc pieces of information if the disclosure presents the possibility of unauthorized access that could result in identity theft or fraud or unreasonable risk to data or systems and network security. However, we will confirm whether we have collected those types of Personal Data about you.

We will work to process all requests within 45 days. If we need an extension for up to an additional 45 days in order to process your request, we will provide you with an explanation for the delay.

SFS will not discriminate or retaliate against you if you choose to exercise any of your rights as described in this section.

If you submit a request on behalf of another person, we may require proof of authorization and verification of identity directly from the person for whom you are submitting a request depending on the legal requirements to do so.

Only you, an authorized agent, parent or legal guardian of a minor child, a person who has power of attorney or is acting as a conservator, or a person registered with the relevant authority, such as the California Secretary of State, whom you authorize to act on your behalf, may make a consumer request related to your Personal Data.

Verifiable Privacy Rights (Verifiable Consumer Request):

State privacy laws may prescribe when the consumer making a request to exercise a privacy right request must be verified:

We will not verify for:
- Requests for Opting Out of Sales/Shares
- Requests for Opting Out of Targeted Advertising and Profiling/Automated Decision-Making Technology
- Requests to Limit Use and Disclosure of Sensitive Personal Data
We may request verification for:
- Requests to Access/Know/Confirm
- Request Correction
- Requests to Delete
For revoking consent, we strive to ensure that revocation is relatively barrier free, and we will only seek the information needed to confirm the request and you are the correct individual.

For a Verifiable Consumer Request, you must be able to:

Describe your request with sufficient detail to allow us to properly understand, evaluate, and respond; and
Provide sufficient information to allow us to reasonably verify you are the resident about whom we collected Personal Data or an authorized representative of such resident. The information you provide may include:
- Full name or Account Number
- Address;
- Email address; and
- Other information that authenticates you (if a customer) or verifies you (if non-customer or authorized party).

We will only use Personal Data provided in a Verifiable Consumer Request to verify the requestor’s identity or authority to make the request. We will match this information against our business records to verify your identity.

How to Exercise Your State Privacy Rights

You may submit a request by:

Sending an e-mail to privacy@stellantis-fs.com
Calling us toll free at: 800-234-0971 (Financed Vehicles) or 800-439-0985 (Leased Vehicles) during business hours.

Authorized Agents

Authorized agents are not required to provide verification when seeking to submit Requests to Opt-out of Sale/Sharing, Targeted Advertising + Profiling/Automated Decision-Making Technology, and Requests to Limit.

For other request types by authorized agents, we may require your signed permission demonstrating the agent has been authorized by you to act on your behalf.

Retention of Personal Data

We will retain your Personal Data for as long as reasonably necessary to fulfill the purpose(s) for which it was collected, resolve disputes, establish legal defenses, conduct audits, pursue legitimate business purposes, enforce our agreements, and to comply with applicable laws or regulations.

After this period, your Personal Data is deleted, except for information we are legally required or permitted to retain in archival systems.

Questions or Concerns

You may contact us with questions or concerns about this Privacy Policy and our practices as follows:

After this period, your Personal Data is deleted, except for information we are legally required or permitted to retain in archival systems.

MAIL

Stellantis Financial Services
ATTN: Privacy Preferences
3065 Akers Mill Rd, Suite 700
Atlanta, Georgia 30339

EMAIL

privacy@stellantis-fs.com

Will SFS make changes to this online privacy policy?

This Privacy Policy is effective as of March 30, 2026. Unless otherwise stated, any future modifications to this Privacy Policy will go into immediate effect after they have been posted, as indicated by the Last Updated date at the beginning of this Privacy Policy. We reserve the right to alter this Privacy Policy at our discretion. If there are any material changes to this Privacy Policy, we will notify you as required by applicable law. Any change to this Privacy Policy will be posted on our Sites in a timely manner.