The Board of Directors has developed this policy, to help our members understand that we maintain an unwavering commitment to protect the privacy of our members.
“Nonpublic Personal Information” is defined as personally identifiable financial information provided by our members to the credit union (such as, on Membership card and Loan Application) or resulting from any transaction between the members and the credit union. Even though the definition excludes publicly available information (such as, Name and Address), the definition includes public information sorted by use of personal information (such as, age, income level, etc.). Therefore, if the credit union provides a list of members’ names to a vendor for Marketing purposes, which has been sorted based on a certain minimum income or maximum age, that list is considered “Nonpublic Personal Information”.
“Non-Affiliated Third Parties” are those entities that do not have an association with, or ownership interest in, our credit union. Such as:
* Financial service providers, such as companies providing automobile insurance
*Non-financial companies, such as travel agencies and automobile dealerships
*Other companies that provide consumer discount programs
Agreements with third parties to support our credit union’s transactions, or perform services or functions on behalf of our credit union, are not subject to this policy (such as our Data Processors, Check Printer, Vendors who Prepare Account Statements, Debit Card Processor, Student Loan Services, CUNA Mutual Group (Member Connect Program), Credit Reporting Agencies, or appropriate government agencies such as State Government (Child Support Matching), IRS and the NCUA, etc.), for any information given will remain confidential and will not be shared with others.
Only third party relationships with companies marketing either the credit union’s own products or services or other companies products and services, these are subject to be disclosed to the members.
Our credit union will disclose annually, to each member of the credit union, our policies and practices on protecting their nonpublic personal information to non-affiliated third parties. Also, the disclosure must be given to all members who wish to join our credit union. All contracts with non-affiliated third parties, that wish to market our products and services or their products and services to our members, must have a provision requiring confidentiality and forbidding the reuse of the information for other purposes. When entering into a contract with a non-affiliated third party, for above purposes, our credit union must disclose to our members that personal information will be shared “WITH THIS THIRD PARTY FOR MARKETING PURPOSES AND THAT THE INFORMATION GIVEN WILL NOT BE REUSED”. Informing our members of this will allow them to choose to decline having their information shared.
The employees and the volunteer committee must follow all security procedures, pertaining to our member’s accounts, prohibiting any one from receiving information on their accounts. The member must provide a written authorization to allow information, pertaining to their account, given. Prohibit any non-affiliated third parties (other than the excluded ones) from receiving any of our members’ account numbers or similar access numbers for joint marketing purposes. The credit union must send out, 30 days in advance, the Privacy Notice Disclosure and Opt Out Notice to all members, before releasing any nonpublic information to non-affiliated third parties for joint marketing purposes. This is giving our members the option to choice.
FRAUDULENT ACCESS TO FINANCIAL INFORMATION:
It is a Federal crime, subject to heavy fines and imprisonment up to 10 years, for anyone to make a fraudulent statement or representation to our credit union in order to obtain nonpublic information about our members (this is referred to as “pre-text calling”).
The law does not apply to the credit union for testing our security procedures for maintaining confidentiality of information or investigating allegations of employees’ misconduct.
This policy was written and approved to comply with the Gramm-Leach-Bliley Act of 1999 and may be subject to change for compliance purposes.