General Policy Statement:
The Credit Union recognizes its responsibility to protect the privacy of member nonpublic personal information. The purpose of this policy is to set forth the guidelines under which such information may be shared with third parties. It is the intent of the Credit Union and any of it's affiliates to abide by all applicable laws and regulations governing the privacy of nonpublic personal information including NCUA Privacy of Consumer Financial Information rule (Part 716) and the FTC Privacy rule (Part 313) for affiliates, issued to implement the provisions of the Gramm-Leach-Bliley act.
- Affiliate. To be considered an affiliate, the Credit Union must have the ownership, control or power to vote 25% of the shares; control the election of a majority of the directors, trustees and partners; the power to exercise a controlling influence over the company's management of policies, or have any ownership interest in a company that is 67% owned by credit unions.
- Consumer. A consumer is an individual who has obtained a financial product or service from the Credit Union for personal, family or household purposes. A consumer is not necessarily a member of the Credit Union
- Member. A member is a consumer with whom the Credit Union has, or has had in the past, a continuing relationship where the Credit Union has provided one or more financial products or services for personal, family or household purposes. (Example: i. joint account held by a member and a nonmember spouse, ii. a former member.)
- Nonpublic Personal Information. This information must be personally identifiable with the consumer, be obtained by the Credit Union in the course of providing a financial product or service to that consumer, and not be publicly available.
- COLLECTION OF INFORMATION. In the course of delivering products and services, the Credit Union obtains member information, either directly from the member or from outside sources. This information is used to comply with federal and state laws and regulations, to provide effective member service and to inform members of product and services which may be of interest.
- MAINTENANCE OF ACCURATE INFORMATION. The Credit Union will exercise reasonable caution in the gathering and maintenance of information to ensure its accuracy. When inaccurate information is discovered, it will be corrected as promptly as possible.
- DISCLOSING INFORMATION TO THIRD PARTIES. The Credit Union will not sell or provide personal nonpublic information to third parties for their independent use. The Credit Union may share personal nonpublic information with its affiliate, if applicable. The Credit Union also may share its experience information about the member with credit bureaus. The Credit Union's reporting to credit bureaus is governed by the Fair Credit Reporting Act, which affords the member the right to make sure that its credit bureau reports are accurate. It is the Credit Union's policy to prohibit the disclosure of nonpublic personal information to non-affiliated third parties, however except under the following conditions:
- When disclosure is required to complete member-authorized transactions (such as check or credit card processing).
- To verify information for a third party (such as a credit bureau), as permitted by law.
- To comply with a court order or applicable laws or regulations.
- When authorized by written permission from the member.
- As part of a member service agreement with a Board approved service partner, provided the third party is contractually bound to perform services and to maintain the confidentiality of the information.
- RESPONSIBILITY OF SERVICE PARTNERS. The Credit Union will only approve service providers with established policies of privacy similar to those of the Credit Union. The Credit Union will require contractual agreements from third parties that will include confidentiality of member information disclosed by the Credit Union and prohibit the service provider from disclosure and reuse of nonpublic personal information for any reason other than the intended purpose.
- CONFIDENTIALITY AND SECURITY SAFEGUARDS. The Credit Union maintains strict policies and security controls to assure that nonpublic personal information in the Credit Union's computer systems and files is protected.
- Credit Union employees and certain contractors are permitted access to nonpublic personal information that they may need to perform their jobs and to provide service to the members.
- Credit Union employees and contractors will have access to such nonpublic personal information only as necessary to conduct a transaction or respond to a member's inquiries.
- All Credit Union employees and contractors will be required to respect member privacy through confidentiality and information security provisions included in the Credit Union's employee policy manual and service agreements with the contractors.
- No one except Credit Union employees and authorized contractors will have regular access to the Credit Union computer system and records storage. The Credit Union has established internal security controls, including physical, electronic and procedural safeguards to protect the member nonpublic personal information provided to the Credit Union and the information the Credit Union collects about the member. The Credit Union will continue to review its internal security controls to safeguard member nonpublic personal information as the Credit Union employs new technology in the future.
- PRIVACY OF ELECTRONIC TRANSACTIONS.
- Encryption. Electronic interfaces with members (such as Internet transactions) will be encrypted using Secure Socket Layer (SSL) 128-bit encryption.
- Account Access. Member account information and transactions will be protected by a password that must be used in conjunction with a username or account number. Members must apply for this capability and be registered with the Credit Union for authentication purposes.
- "Cookies". The Credit Union may use "cookies" as part of its web site interface. A "cookie" is a small file that is placed on the user's computer. While it contains no member information, it identifies the member's computer and allows the Credit Union to measure usage of the web site and customize the web site experience.
- Links. The Credit Union will frequently link to other sites as a convenience to our members. The Credit Union will seek to link with other sites that adhere to similar privacy standards. However, the Credit Union is not responsible for the content of linked sites, or for their policies on the collection of member information.
- MEMBERS' RIGHT TO "OPT OUT". Privacy regulations allow members to "opt out" of having their information disclosed to third parties in certain situations. Before the Credit Union discloses any member information to a nonaffiliated third party that is otherwise covered by a disclosure exception under part 716, the Credit Union must properly inform members of their right to "opt out" and to record and honor "opt out" requests.
- PRIVACY COMPLIANCE. The Credit Union and any of its affiliates will comply with all applicable laws and regulations governing the privacy confidentiality, security, and integrity of nonpublic personal information including the NCUA privacy Rule (Part 716), the FTC privacy rule (Part 313) for affiliates, and all other applicable state and federal privacy laws and regulations as amended.
- ADMINISTRATION AND AMENDMENTS.
- Protecting Member privacy is an ongoing process and the Credit Union will continue to evaluate and review the measures taken to safeguard member information.
- The Credit Union will provide training to employees on how to recognize and control risk to nonpublic personal information, how to handle nonpublic personal information, and how to report unauthorized or fraudulent attempts to gain access to nonpublic personal information.
- The Credit Union will create controls and procedures whereby any new product, services, or delivery method shall be reviewed and modified to insure that it conforms to existing Credit Union privacy policies with regards to nonpublic personal information.
- If nonpublic personal information is shared with vendors for a business purpose, all contracts and agreements between the vendors and the Credit Union will include a guarantee that the vendor will safeguard such information.
- COMPLAINT NOTIFICATION - This credit union is incorporated under the laws of the State of Texas and under state law is subject to regulatory oversight by the Texas Credit Union Department. Any member wishing to file a complaint against the credit union should contact the Texas Credit Union Department through one of the means indicated below: In person or by U.S. Mail: 914 East Anderson Lane, Austin, Texas 78752-1699, Telephone Number: (512) 837-9236, Fax Number: (512) 832-0278, Email: firstname.lastname@example.org , Website: www.tcud.state.tx.us