|
PRIVACY NOTICE & INTERNET SECURITY
STATEMENT
The Gramm-Leach-Bliley Act of 1999 requires financial institutions
to establish privacy policies and disclose them annually to
all their members, or customers, setting forth how the institution
shares nonpublic personal financial information with affiliates
and third parties.
The credit union does everything we can to protect the privacy
of consumers and our members, including those who visit our
web site. We value your time and your interest in the credit
union. We place a high priority on ensuring the security and
the privacy of data pertaining to each member. The credit
union is aware that as members, you have entrusted us with
your financial information and accounts, and also have shared
personal information with us.
Consumer Data Protection and Privacy Practices
The credit union's board of directors and staff believe it
is important to inform you of the data protection and privacy
practices that we have instituted. We have:
- Established specific security protection practices to
ensure privacy of information.
- Defined control methods to limit access to consumer information.
- Formalized procedures and processes to ensure the maintenance
of accurate information.
- Established procedures and restriction on disclosure
of member account information.
- Defined standards for consumer data collection, use and
methods of storage.
- Required consumer data privacy covenants in third-party
service and business arrangements.
- Ensured that our staff is committed to protect a member's
right to data privacy.
- Disclosed to our members our privacy benchmarks and provided
an overview of institution privacy practices.
To ensure that we successfully accomplish these priority
practices, as an organization we have:
- Established formal guidelines for management and staff
to ensure that the protection of consumer data and staff
awareness of data privacy are top priorities.
- Developed and provided to potential and existing members
a detailed notice about our data protection and privacy
policy and practices.
- Established guidelines to ensure that proper procedures
and controls are in place to address those situations required
by law when we must disclose nonpublic personal information
about you.
This notice serves as a reference guide for consumers, members,
credit union staff, and management regarding the protection
of your member data and your privacy.
Accuracy of Information
Every effort is made to ensure that our records of your information
are complete and correct. If an error is noted on your statement
or in any other communication from us, please contact us as
soon as possible at either 800-522-3535 or 405-879-5600.
The Collection and Use of Information
We need to collect information about you to conduct our business
relationship. However, in order to protect your information,
we maintain and enforce strict security procedures. We collect
nonpublic personal information about you from various sources,
including:
- Information we received from you on applications or other
forms.
- Information about your transactions with us, our affiliates
or others.
- Information we receive from a consumer-reporting agency.
We collect only the information necessary to deliver quality
products and services to our members. Only authorized employees
have access to member information. We also are continually
assessing new technology, as it becomes available, to continue
to best protect your privacy.
Sharing of Information in Other Circumstances
We do not disclose any nonpublic personal information about
you to anyone, except as permitted by law. As permitted by
law, we may share information about your identity (such as
name, social security number and driver's license number),
transactions with our credit union (such as account numbers
and repayment history), your application (such as income and/or
asset information), and credit report or other similar information
(such as information about your credit history). Situations
where this type of sharing of information would be appropriate
could include:
- When we contract with third parties to help deliver our
services to you.
- When credit bureaus or others, as appropriate, ask for
credit references in the course of customary business practices.
- As required or permitted by law.
If you decide to close your account or become an inactive
member, we will adhere to the privacy policies and practices
as described in the notice.
Confidentiality of Consumer Information in
Other Circumstances
Our Web Site
When you visit our web site at www.comfedcu.org, we want you
to feel secure that we are respecting your privacy. The only
private information we have about you is the information you
choose to give us (such as providing feedback or completing
a form). We do not release that information to others without
notifying you on the form and obtaining your consent. We may
use "cookies" on some pages of our web site for
the purpose of serving you better when you return to our site.
A cookie is a small element of data that a web site can send
to your browser, which may then be stored on your system.
Data collected from cookies helps us determine how many people
visit certain pages, ultimately enabling us to improve our
site design and content. Your web browser can be set to provide
you a notice before you accept a cookie.
If you have any questions concerning this privacy notice,
please call 800-522-3535 or 405-879-5600 or visit the branch
nearest you.
Internet Security
Statement
Our
Credit Union is constantly concerned about our member’s
critical information and privacy. With this in mind, we have
the following security services installed on our Internet
server:
-
Each server is behind a Firewall. This UNIX based
hardware product blocks critical ports and IP addresses on
servers from external attack and access.
-
Each server runs proprietary software that constantly
monitors the servers for unauthorized use and attempts to
"hack" into information. Administrators are contacted when
forced attacks are committed, and countermeasures can be
applied to stop these instances.
-
All administrative activity requires user login and
authentication. All administrative updates are logged into
files that can be reviewed later.
-
All servers come with a Global Verisign Certificate (RSA)
for digitally encrypted communications between the Web
server and member. Information passed in applications
cannot be decrypted by third parties attempting to "pick"
information being passed across the Internet backbone.
-
All servers run the latest version of Apache Web
Server, considered the strongest and most secure Web server
software on the market
Information Collected
We do not collect information that personally identifies a
user of our web site unless the user voluntarily provides that
information to us. When you access our web site, we
automatically collect information that cannot personally
identify you, including the date and time of access, the
domain you use, the web site you last visited before accessing
our site, and the route you travel while visiting within our
web site. This information is used to measure the number of
visitors to our web site and to provide better service to
users through improved web site design and navigation.
We do not market our products and services to children, and we
will not knowingly collect or maintain information from
children via the Internet.
Member Only Areas (CU Online & E-statements)
Personal identification information (for example, account
number, personal identification number (PIN), and password) is
collected when a valid credit union member with active
account(s) has registered to enter the secure online
transactions area of our web site. This personal
identification information enables us to regulate access to
those who request such access and can provide the correct
personal information. To protect yourself, it is important
that you keep your personal identification information
confidential. Select PINs and passwords that are unique to you
and not easily guessed, and if possible, change them
periodically. Take care to see that others are not able to
view the information you enter when you use a protected area
of a web site.
Cookies
We use "cookies," which are temporary text files a web site
stores on a visitor's web browser to carry forward information
the visitor enters on one page to others he or she visits. The
cookies help to protect the privacy of a member's [customer's]
transaction privacy by automatically terminating online
sessions when he or she forgets to log out. When used, cookies
cannot capture a user's email address, obtain data from the
user's hard drive, or gain confidential or sensitive
information about the user. A cookie also cannot be read by
any web site other than the one that sent the cookie.
Online Forms
We provide online forms and applications to better serve the
needs of our members. Personal information provided via an
online form is used to process the member's request for
service. Our online forms are sent directly via our secure
internal network. (See Email, below.)
Email
In general, Internet email messages are not secure, unless
they are encrypted. You should use discretion before
submitting any personal or financial information via email.
Information communicated via email messages traveling through
the Internet may be intercepted, collected, used or disclosed
by others. If you are concerned about the security of email
communications, please send your forms or correspondence
through the postal service or use the telephone to contact us
directly.
Links to Other Sites
Our web site contains links to other web sites. These sites
are not under our control. They may collect information about
you that we do not. We are not responsible for the privacy
practices or content of linked web sites.
|
