Metropolitan Transportation Commission
Clipper® Program Privacy Policy
The effective date of this Privacy Policy is November 16, 2011
Last updated February 21, 2019


The Metropolitan Transportation Commission (MTC) is committed to ensuring Clipper® customer privacy and security. Specifically: (1) MTC will not provide personally identifiable information (PII) from Clipper accounts to any third party without express customer consent, except as described in the Privacy Policy; (2) PII from Clipper® accounts will never be provided to advertisers for their use; and (3) MTC will maintain a secure environment for customer PII.

This Privacy Policy is intended to provide an understanding of how MTC handles PII collected by the Clipper® Fare Payment System (FPS) program. Among other things, this policy explains the types of information collected from Clipper® customers; the third parties with whom MTC may share this information; and the process by which Clipper® customers are notified about material changes to this Policy.

MTC engages contractors to operate and maintain the Clipper® FPS program including conducting Customer Service Center (CSC) activities, on behalf of MTC. Those contractors are collectively referred to as the “Clipper® Contractors.” Clipper®’s Terms and Conditions ( notify customers that by enrolling in the Clipper® program and/or using the system, the customer is allowing MTC, the Clipper® Contractors, and other third parties referenced herein to process personal information according to the provisions set forth in the Clipper® Cardholder License Agreement and this Privacy Policy.


The following definitions apply:

Personally Identifiable Information (PII): PII identifies or describes a person or can be directly linked to a specific individual. Examples of PII include but are not limited to, a person's name, mailing address, business name, alternate contact information (if given), email address, Clipper® card serial number, telephone number, bank account information, credit card number, security code and expiration date, photograph and Travel Pattern Data.

Aggregate Data or Aggregate Information: Aggregate Data or Aggregate Information is statistical information that is derived from collective data that relates to a group or category of persons from which PII has been removed. Aggregate Data reflects the characteristics of a large group of anonymous people. MTC may use Aggregate Data and provide Aggregate Data to others for such things as generating statistical reports for the purpose of managing the Clipper® program operations.

Anonymous Data or Anonymous Information: Anonymous Data or Anonymous Information is disaggregated data from which all PII has been removed, that does not identify or describe a person and that cannot be directly linked to a specific individual. MTC may use Anonymous Data for any of its statutorily-authorized purposes and may make Anonymous Data available to third parties.

Travel Pattern Data: Travel Pattern Data is information concerning an individual Clipper® user's trip start and end points, routes used, and date(s) and time(s) traveled. A Clipper® user's trip start and end points, routes used, and date(s) and time(s) traveled do not constitute Travel Pattern Data if such information (1) is dissociated from any specific individual to create Anonymous Data or (2) is combined with other data to create Aggregate Data.

Collection of Personally Identifiable Information

A Clipper® card may either be registered or unregistered. MTC, through the CSC, collects PII in order to register Clipper® cards with the Clipper® FPS. Examples of PII include a Clipper® cardholder's name, address, telephone number, email address, bank account information, credit card number and expiration date, photograph or other information that personally identifies a Clipper® cardholder. MTC obtains this PII from applications and other forms submitted by Clipper® cardholders to the CSC by telephone, mail, facsimile transmission or by electronic submission through the Clipper® website and from the Clipper® Participating Transit Agencies listed below who receive applications for Regional Transit Connection (RTC) Discount ID cards and manage institutional programs such as “AC Transit EasyPass” and “VTA Smart Pass.” Travel Pattern Data is collected as a byproduct of the use of the Clipper® card in the Clipper FPS. In addition, if a Clipper® cardholder participates in a bike share program that uses the Clipper® card serial number as an identifier for membership, MTC may obtain such serial number along with bike trip records, including origin and destination stations and times traveled, from the bikeshare program operator.

How MTC uses Personally Identifiable Information

MTC uses the PII provided in order to process enrollments, manage accounts, promote Clipper® program improvements, perform data analysis to inform MTC initiatives, respond to questions, send customer emails about Clipper® program updates, provide information regarding significant changes to this Privacy Policy, and otherwise communicate with Clipper® customers, but only after satisfying any applicable requirements of law, such as requirements to seek customer consent to receive certain types of communications.

PII is only utilized as described in this Privacy Policy.

Third Parties with Whom MTC May Share Personally Identifiable Information

MTC may share PII with the Alameda-Contra Costa Transit District (AC Transit), the Golden Gate Bridge, Highway and Transportation District (Golden Gate Transit); the Peninsula Corridor Joint Powers Board (Caltrain); the San Francisco Bay Area Rapid Transit District (BART); the City and County of San Francisco, acting by and through its Municipal Transportation Agency (SFMTA); the San Mateo County Transit District (SamTrans); the Santa Clara Valley Transportation Authority (VTA); the San Francisco Bay Area Water Emergency Transportation Authority (WETA); Central Contra Costa Transit Authority; the City of Fairfield, as the operator of Fairfield and Suisun Transit; City of Petaluma; Eastern Contra Costa Transit Authority; Livermore/Amador Valley Transit Authority; Marin County Transit District; Napa Valley Transportation Authority; Solano County Transit; Sonoma County Transit; Vacaville City Coach; Western Contra Costa Transit Authority; the City of Santa Rosa; the City of Union City; and the Sonoma-Marin Area Rail Transit District (SMART) (collectively referred to herein, together with any other transit operators who may begin collecting fares through the Clipper® FPS, as Clipper® Participating Transit Agencies) for the purpose of operating and managing the Clipper® FPS. In addition, MTC and the Clipper® Participating Transit Agencies may disclose PII to the Clipper® Contractors or their other contractors, but only for the purpose of operating and maintaining the Clipper® FPS, such as managing patron accounts and revenue collection. These contractors are provided only with the PII they need to deliver the service. MTC requires its service providers to maintain the confidentiality of the PII and to use it only as necessary to carry out their duties under the Clipper® Program.

Besides these entities, PII will not be disclosed to any other third party without express customer consent, except as required to comply with laws or legal processes served on MTC or the Clipper® Contractors.

Retention of Personally Identifiable Information

MTC, through the Clipper® Contractors, shall only store the PII of a Clipper® customer that is necessary to perform account functions such as billing, account settlement, or enforcement activities. All other information shall be discarded no more than four years and six months after fare payment has been made. All PII shall be discarded no later than four years and six months after the account is closed or terminated.

Security of Clipper® Personally Identifiable Information

MTC is committed to the security of customer PII. PII provided by Clipper® customers is stored on computer servers that are located in secure, controlled facilities. Servers are designed with software, hardware and physical security measures in place to prevent unauthorized access.

Access to PII is controlled through the following administrative, technical, and physical security measures. By contract, third parties with whom MTC shares PII are also required to implement adequate security measures to maintain the confidentiality of such information.


  • Access to PII is limited only to certain operations and technical employees for limited, approved purposes based on their specific work responsibilities.
  • Privacy and security training is required for employees with access to PII upon hire. In addition, regular periodic refresher training is required for those employees.


  • Clipper® network perimeters are protected with firewalls.
  • Electronic storage of PII is encrypted.
  • Electronic connections to and from the Clipper® website are encrypted.
  • Vulnerability and penetration tests are conducted on the Clipper® system.
  • Employees' use of Clipper® customer databases is monitored.


  • Physical access to MTC and Clipper® Contractor servers is restricted to authorized technical personnel.
  • Data center access to approved technical personnel is restricted via passcode authentication and other security protocols.

In addition to MTC's policies and procedures implementing PII security, the Clipper® customer must also do such things as safeguard passwords, PINs, and other authentication information that may be used to access a Clipper® account. Clipper® customers should not disclose authentication information to any third party and should notify MTC of any unauthorized use of their passwords. MTC cannot secure PII that is released by Clipper® customers or PII that customers request MTC to release. In addition, there is a risk that unauthorized third parties may engage in illegal activity by such things as hacking into MTC's security system or the security system of a Clipper® Contractor or by intercepting transmissions of personal information over the Internet. MTC is not responsible for any data obtained in an unauthorized manner, and MTC is the only entity that may authorize obtaining data from the Clipper® FPS.

Please note that unless the Clipper® customer initiates an inquiry or is logged into the secure Clipper® customer website, the Clipper® Contractors will never ask Clipper® customers to provide or confirm any information in connection with Clipper® such as credit card numbers, Clipper® card serial numbers or other PII. If a customer ever has any doubt about the authenticity of an email regarding Clipper® , the customer should open a new web browser, type in , log into the customer's Clipper® account, and then perform the requested activity.

Account access and controls

Creating an account with Clipper® is at the customer’s discretion. The required account information consists of PII such as name, business name, mailing address(es), email address, telephone number, bank account number, and credit card number, expiration date and security code. MTC may request other optional information, such as alternate contact information, but, in such instances, clearly indicates that such information is optional.

Customers can review and update personal account information at any time. Customers are also able to modify, add, or delete any optional account information by signing into their Clipper® account and editing the account profile. Deletion of some account information, such as a customer’s primary funding source, may require contacting the CSC by telephone. PII can also be reviewed and edited online as discussed below under “Updating Personally Identifiable Information.” Clipper® customers can close their account at any time by submitting a completed Clipper® Cancellation Form (available at All account information will be deleted no later than four years and six months after the account is closed or terminated.

Aggregate Data

MTC may also combine the PII provided by Clipper® customers in a non-identifiable format with other information to create Aggregate Data that may be disclosed to third parties. Aggregate Data is used by MTC to improve the Clipper® program, to inform other MTC initiatives and for the marketing of Clipper®. Aggregate Data does not contain any information that could be used to contact or identify individual Clipper® customers or their accounts. For example, MTC may inform third parties regarding the number of Clipper® accounts within a particular zip code. MTC requires third parties with whom Aggregate Data is shared to agree that they will not attempt to make information personally identifiable, such as by combining it with other databases.

Anonymous Data

MTC may also remove all PII from data developed as a byproduct of the use of the Clipper® FPS to create Anonymous Data that may be disclosed to third parties. MTC may use Anonymous Data for any of its statutorily-authorized purposes and may make Anonymous Data available to third parties. Anonymous Data does not contain any information that could be used to track, contact or identify individual Clipper® customers or their accounts. For example, MTC may share a dataset that includes information such as where and approximately when a sample of anonymous Clipper® users traveled on certain days in a given month. MTC requires third parties with whom Anonymous Data is shared to agree that they will not attempt to make information personally identifiable, such as by combining it with other databases or reverse engineering the data.

Clipper® Mobile Website

The Clipper® mobile-optimized website can be found at If a customer types in using a phone or tablet, will redirect the customer to

When the customer accesses, location information, IP address, and other information may be collected by the mobile device's platform provider and/or the customer's data carrier. Before a customer accesses, he or she should review the terms of use and privacy policy of the customer's platform provider and data carrier to determine how they collect, use, and/or retain PII. MTC is not responsible for the terms of use or privacy policies of the platform providers or data carrier, or the use of PII, by such entities.

Website Usage Metrics

The Clipper® websites use a third-party traffic measurement service called Google Analytics to gather and compute website usage metrics. Google Analytics collects customers’ IP addresses and the pages the users are visiting. MTC and its contractors use this information for such things as analyzing results of Clipper® marketing campaigns and making recommendations for website improvements and may include such information as Aggregate Data in operational reports and presentations. Google Analytics may set a cookie that will enable it to function properly. To find out more about Google Analytics’ privacy principles, visit the Google Analytics Privacy and Security Page at


The Clipper® websites ( and store "cookies" on the computer systems of users of the websites. Cookies are small data elements that a website can store on a user's system.

The cookies used by the Clipper® websites facilitate customers' use of the websites (e.g. remember login names and passwords until the session has ended). The Clipper® websites do not require that users of the websites accept these cookies. Customers may change their browser security settings to accept or reject cookies.

Once a patron leaves a Clipper® website, the privacy policy of other websites visited or linked from the Clipper® website should also be reviewed to understand how these external sites utilize cookies and how the information that is collected through the use of cookies on these websites is utilized.

MTC does not knowingly engage in business with any company or vendor that uses spyware or malware. MTC does not market detailed information collected from web sessions that can be directly tied to personal information. Further, MTC does not provide Clipper® customers with downloadable software that collects or utilizes any PII.

Third-Party Websites and Applications

The Clipper® websites may contain links to third-party websites operated by entities that are affiliated with Clipper®. These web links may be referenced within content or placed beside the names or logos of the other entities. In addition, third-party websites may exist that reference one or more of the Clipper® websites. MTC does not disclose PII to these third-party websites.

WARNING: Once a patron enters external websites (whether through a service or content link or directly through a third-party website), MTC is not responsible for the privacy practices of those other websites. Please review all privacy policies of external websites you may visit from links on the Clipper® websites before using or providing any information to such other websites.

In addition, MTC is not responsible for third-party applications that access or make use of the Clipper® websites or any features thereof ("Apps"). Before a Clipper® customer downloads or accesses Apps, he or she should review the terms of use and privacy policies of the Apps to determine how they collect, use, and/or retain PII. MTC is not responsible for the terms of use or privacy policies of Apps, or the use of PII by such Apps.

Updating Personally Identifiable Information
Certain PII can be reviewed and edited online at The Clipper® website uses functions that have the ability to collect and store self-reported data. These functions enable Clipper® customers to revise, update or review information that has been previously submitted by going back to the applicable function, logging in, and making the desired changes. In addition to this method, customers may update their PII by telephoning the Clipper® Customer Service Center at 877.878.8883.

Complaints or problems regarding updating personal information should be submitted via the website. The Clipper® Customer Service Center will either resolve the issue or forward the complaint to an appropriate MTC staff member for a response or resolution. MTC strives to answer all queries within 48 business hours, but it may not always be feasible to do so.

If an adequate resolution is not received, please contact MTC's Privacy Officer at:
Metropolitan Transportation Commission
Attn: Privacy Officer
375 Beale Street, Suite 800
San Francisco, CA 94105
Or email:
Or call: 415.778.6700

Changes to this Privacy Policy

Material Changes - MTC will inform Clipper® customers if material changes are made to the Clipper® Program Privacy Policy, in particular changes that expand the permissible uses or disclosures of PII allowed by the prior version of the Privacy Policy. If MTC makes material changes to the Clipper® Privacy Policy, MTC will notify Clipper® customers by means of posting a conspicuous notice on the Clipper® website that material changes have been made.

Immaterial Changes - MTC may also make non-substantive changes to the Privacy Policy, such as those that do not affect the permissible uses or disclosures of PII. In these instances, MTC may not post a special notice on the Clipper® website.

If MTC decides to make any change to the Clipper® Privacy Policy, material or immaterial, MTC will post the revised policy on the Clipper® website, along with the date of any amendment.

MTC reserves the right to modify this Privacy Policy at any time, so the policy needs to be reviewed frequently by Clipper® customers.

When MTC revises the Privacy Policy, the "last updated" date at the top of the Privacy Policy will reflect the date of the last change. We encourage Clipper® customers to review this Privacy Policy periodically to stay informed about how MTC protects the security of PII collected for the Clipper® Program. Continued use of the Clipper® Program constitutes the customer's agreement to this Privacy Policy and any updates.

Emails Sent to MTC

This Privacy Policy does not apply to the content of emails transmitted directly to MTC. Please do not send PII in an email directly to MTC in order to keep content or data private.

Contact information

MTC welcomes comments on the Clipper® Privacy Policy. Also, if there are questions about this statement, please contact the MTC Privacy Officer at the address, email or phone number listed above.

History of Changes to Privacy Policy

Date Activity
March 3, 2006 Privacy Policy established
November 15, 2010 Revisions to Privacy Policy
November 16, 2011 Revisions to Privacy Policy
October 19, 2012 Revisions to address third-party applications that access or make use of the Clipper® Website
April 24, 2013 Revisions to reduce retention period for personal account information from seven years to four years and six months after an account is closed or terminated
May 21, 2014 Revisions to make miscellaneous clarifying changes
November 12, 2014 Revisions to add definitions for travel pattern data and anonymous data, clarify how anonymous data is used, and make other general changes
January 3, 2017 Revisions to identify additional Clipper® Participating Transit Agencies, address the Clipper® mobile website and website usage metrics, and to make other clarifying changes
February 21, 2019 Revisions to address information that may be obtained from bike share program operators, identify additional Clipper® Participating Transit Agencies, and make other clarifying changes

See FAQs about Clipper's Privacy Policy.

Clipper Customer
Service Center

Phone: 877.878.8883
TDD/TTY: 711 or 800.735.2929
Fax: 925.686.8221

Mon – Fri: 6 a.m. – 8 p.m.
Sat – Sun: 8 a.m. – 5 p.m.

Contact Us    |    Forms

Brand Guidelines


The Metropolitan Transportation Commission, as a public agency responsible for Clipper®, is committed to operating its programs and services in accordance with federal, state and local civil rights laws and regulations. Please click below for more information on:



Copyright ©2017, Metropolitan Transportation Commission. All rights reserved.