McBryde Federal Credit Union 

Privacy Policy & Disclosure

 

General Policy Statement:

 

The Credit Union recognizes its responsibility to protect the privacy of member nonpublic personal information. It is the intent of the Credit Union and any of its affiliates to abide by all applicable laws and regulations governing the privacy of nonpublic personal information including NCUA Privacy of Consumer Financial Information rule (Part 716), the FTC Privacy rule (Part 313) for affiliates, provisions of the Gramm-Leach-Bliley Act and the Right to Financial Privacy Act.

 

Guidelines:

 

1.         PRIVACY COMPLIANCE. The Credit Union and all its affiliates will comply with all applicable laws and regulations governing the privacy, confidentiality, security, and integrity of nonpublic personal information including the NCUA privacy rule, the FTC privacy rule for affiliates, and all other applicable state and federal privacy laws and regulations as amended.

 

2.         DEFINITIONS. For the purpose of this privacy policy, the following definitions shall apply.

 

A.    Affiliate. Companies related by common ownership or control. They can be financial and nonfinancial companies. McBryde Federal Credit Union has no affiliates. 

B.    Consumer. A consumer is an individual, or such individual’s legal representative or personal representative, who has obtained a financial product or service from the Credit Union for personal, family or household purposes or for whom the Credit Union is acting as fiduciary. A consumer is not necessarily a member of the Credit Union.

C.    Member. A member is a consumer with whom the Credit Union has, or has had in the past, a continuing relationship where the Credit Union has provided one or more financial products or services for personal, family or household purposes. Examples:

·          Members as defined in the Credit Union’s bylaws;

·          A nonmember joint accountholder held with a member;

·          A former member;

·          A nonmember who has a loan that the Credit Union services;

·          A nonmember who has an account with the low-income designated Credit Union; and

·          A nonmember who has an account in a federally-insured state-chartered Credit Union pursuant to state law.

 

D.    Nonpublic Personal Information. Personally identifiable financial information and any list, description, or other grouping of consumers (and publicly available information pertaining to them) that is derived without using any personally identifiable financial information, other than publicly available information.  Nonpublic personal information does not include publicly available information.

 

3.        COLLECTION OF INFORMATION. In the course of delivering products and services, the Credit Union obtains nonpublic personal information, either directly from the member or from outside sources. This nonpublic personal information is used to comply with federal and state laws and regulations, to provide effective member service and to inform members of products and services which may be of interest to the member.

 

4.         MAINTENANCE OF ACCURATE INFORMATION. The Credit Union will exercise reasonable caution in the gathering and maintenance of information to ensure its accuracy. When inaccurate information is discovered, it will be corrected as promptly as possible.

 

5.         DISCLOSING INFORMATION TO THIRD PARTIES. The Credit Union will not disclose personal nonpublic information to non-affiliated third parties without first providing the consumer a clear and conspicuous notice that accurately reflects the Credit Union’s privacy policies and practices, and providing the consumer a reasonable opportunity to opt out of such disclosure, and the consumer has not opted-out. The Credit Union may share personal nonpublic information with its affiliate, if applicable. The Credit Union also may share its experience information about the member with credit bureaus. The Credit Union’s reporting to credit bureaus is governed by the Fair Credit Reporting Act, which affords the member the right to make sure that its credit bureau reports are accurate. The requirement for the Credit Union to provide notice and a reasonable opportunity to opt out does not apply if the Credit Union’s disclosure of nonpublic personal information is necessary to effect, administer, or enforce a transaction that a consumer requests or authorizes, or in connection with any of the following: 

 

A.    Servicing or processing a financial product or service that a consumer requests or authorizes.

B.    Maintaining or servicing the consumer’s account with the Credit Union, or with another entity as part of a private label credit card program or other extension of credit on behalf of such entity.

C.    To the extent specifically permitted or required under other provisions of law and in accordance with the Right to Financial Privacy Act, to law enforcement agencies, self-regulatory organizations, or for an investigation on a matter related to public safety.

D.    To provide information to insurance rate advisory organizations, guaranty funds or agencies, applicable rating agencies of the Credit Union, persons assessing the Credit Union’s compliance with industry standards, and the institution’s attorneys, accountants, and auditors.

E.     To a credit reporting agency in accordance with FCRA.

F.     To comply with Federal, State, or local laws, rules, and other applicable legal requirements, to comply with a properly authorized civil, criminal, or regulatory investigation or subpoena or summons by Federal, State or local authorities having jurisdiction over the financial institution for examination, compliance, or other purposes as authorized by law.

G.    Such financial records are disclosed (i) in response to an administrative subpoena; (ii) in response to a search warrant; (iii) in response to a judicial subpoena; or (iv) in response to a formal written request by a proper governmental authority.

 

6.         RESPONSIBILITY OF SERVICE PROVIDERS. The Credit Union will only approve service providers with established policies of privacy similar to those of the Credit Union. The Credit Union will require contractual agreements from non-affiliated third parties that will include confidentiality of member information disclosed by the Credit Union and prohibit the service provider from disclosure and reuse of nonpublic personal information for any reason other than the intended purpose.

 

7.         MEMBERS’ RIGHT TO "OPT OUT." Privacy regulations allow members to "opt out" of having their information disclosed to non-affiliated third parties in certain situations. Before the Credit Union discloses any member information to a non-affiliated third party that is not otherwise covered by a disclosure exception under Part 716, the Credit Union will properly inform members of their right to "opt out" and to record and honor "opt out" requests. 

           

8.         REVISED PRIVACY DISCLOSURE.  The Credit Union will provide a revised privacy policy (and a new opt out notice, if and when applicable) in the following circumstances:

A.    The Credit Union discloses a new category of nonpublic personal information to any nonaffiliated third party;

B.    The Credit Union discloses nonpublic personal information to a new category of non-affiliated third party; or

C.    The Credit Union discloses nonpublic personal information about a former member to a non-affiliated third party, and   that former member has not had the opportunity to exercise an opt out right regarding that disclosure.

 

9.         ADMINISTRATION AND AMENDMENTS.

A.    Protecting member privacy is an ongoing process and the Credit Union will continue to evaluate and review the measures taken to safeguard member information.

B.    The Credit Union will provide training to employees on how to recognize and control risk to nonpublic personal    information, how to handle nonpublic personal information, and how to report unauthorized or fraudulent attempts to gain access to nonpublic personal information.

C.    The Credit Union will create controls and procedures whereby any new product, service, or delivery method shall be reviewed and modified to ensure that it conforms to existing Credit Union privacy policies with regards to nonpublic personal information.

D.    If nonpublic personal information is shared with vendors for business purposes, all contracts and agreements between the vendors and the Credit Union will include a guarantee that the vendor will safeguard such information.

E.     Because no policy can address every possible contingency and circumstance, Credit Union shall use its good faith business judgment in administering this privacy policy.

F.     The Credit Union reserves the right to amend this privacy policy in any respect with disclosure to members as required by law.