Maintaining and Using Personally Identifiable Information in Electronic Banking Communications
How we handle information about you when you visit our website will depend on what you do when visiting the site.
We will not obtain personally identifiable information about you when you visit our site, unless you choose to provide such information to us.
If you visit our website to read information and do not use any of our online services, then we collect and store only the name of the domain from which you access the Internet, the date and time you access our website and the Internet address of the website from which you linked directly to our website. We may record the “IP address” assigned to you by your internet service provider as part of this process. We use the information we collect to measure the number of visitors to the different sections of our site, and to help us make our website more useful to visitors. When you visit our website, or use our electronic banking services, there may be times when you are asked to provide information about you that is personally identifiable. This information is encrypted and used internally to handle your request. This may include any of the following: your first, middle and last name, driver’s license number, your home or other physical address (including street name and name of a city or town), your e-mail address, a telephone number or social security number, account number, date of birth, mother’s maiden name, password or any other identifier that permits physical or online contact with you. Personally identifiable information might be needed or requested from you for you to register for banking or other services, or to fill out our forms or applications for services, for special promotions or contests, or to accomplish transactions you request (such as bill payment or other banking services). This may result in sharing of personally identifiable information with third parties (such as data processors or service bureaus) as part of servicing your accounts or transactions.
Web Browser Settings and Control of Personally Identifiable Information Collection
You may have the ability to activate web browser tracking settings or other mechanisms that give you the option to control the collection of personally identifiable information about your online activities over time and across third-party websites or online services. Our response to these settings and mechanisms will depend on the setting and mechanism and the impact on our collection and tracking practices. At this time, our website only tracks your activities while on our website and, unless you register with us for a service, we do not collect any personally identifiable information about you. The tracking, including information storing, is facilitated using ‘cookies’ that we place on your computer. In addition to the cookies reference above, we may also place locally stored objects on your computer (such as Adobe Flash objects, sometimes also referred to as ‘Flash cookies’), used for information security and authentication purposes. These types of cookies will not be deleted when you clear cookies from your browser. For more information on user settings and removal capabilities of these locally stored objects, refer to Adobe. If you choose not to accept cookies or remove locally stored cookies, we will not track your activity on our website; however, some features and services on our website may not be available to you.
When you use our website or online service, third parties acting on our behalf may collect the personally identifiable information and website activity identified above. This may include the personally identifiable information collected when you register with us for a service. Depending on the third party websites you visit, as well as any preferences and authorizations you have provided to others, your activity on our website and across other websites, including personally identifiable information you provide, may be tracked and collected by third parties. Also, third parties may offer services on our website from time to time. If you access their websites or provide them with information, these third parties may track your activity across websites and collect your personally identifiable information, all subject to the third party’s privacy and security practices.
You may also decide to communicate with us via e-mail. Please note that information sent to Heritage Bank of Commerce via e-mail is not encrypted nor is it confidential. We therefore do not recommend sending information that is non-public in nature (such as social security or tax identification numbers, account numbers, addresses or balances) or any other information you wish to remain confidential be sent to us over the internet.
To change your e-mail address or password connected with our online banking services, you must log into the online banking system. Navigate to “Profile” or “My Profile” and select the appropriate option, or you may contact us at 800-796-4777.
If you visit our website or engage in any online services that we offer, we may collect and store personally identifiable information as described above, regardless of your browser settings of Do Not Track.
Protecting Customer Information
We restrict access to nonpublic personal information about you to those employees who need to know that information to provide products or services to you. We maintain physical, electronic, and procedural safeguards that comply with federal regulations to guard your nonpublic personal information.
Categories of Third-Party Persons or Entities with Whom Heritage Bank of Commerce May Share Information:
Presently, Heritage Bank of Commerce does not disclose any personally identifiable information about our customers or former customers to anyone, except as permitted by law in connection with the administration, processing, or servicing of customer accounts.
For example, this may include disclosure to a credit-reporting agency or in response to a subpoena or other legal process; disclosure to protect against fraud, and disclosure to protect and defend our rights and property or to act in an emergency or to protect someone’s safety.
As we develop our business, we may also buy and sell assets, and, depending on the transactions, your personally identifiable information may be one of the transferred assets. In the event that we are acquired by another company, your personal identifiable information may be part of the assets transferred to the acquiring party.
Children’s Online Privacy Protection Act
Our website is not directed to children under the age of 13. We do not knowingly solicit data from persons under the age of 13 and we do not knowingly market to persons under the age of 13.
Heritage Bank of Commerce provides internet based Online Banking services through a third party Online Banking provider. The Online Banking system is operated from the Online Banking provider’s Service Bureau. The Service Bureau runs on a robust operating system using state of the art firewall technology as its first line of defense in preventing unauthorized access to any information housed.
Included in the Online Banking system is the capacity to allow only secure connections by end users. Utilizing
Transport Layer Security (TLS) encryption technology, all transmissions of web pages and data between the financial institution and its customer are completely encrypted and are unreadable to any person or group trying to “intercept” the transmission. (TLS) encryption is the industry standard and is commonly used in Internet applications that require security and privacy for sensitive data.
When clients access their account information or any other sensitive data, an encryption system is automatically activated to protect the transmission of information from unauthorized sources.
Before a client gains access to Online Banking, they are required to enter their user name and password. Without the proper login credentials, access to the Online Banking system and account information is denied.
When clients are accessing their online information, the connection is automatically converted into a secure Internet communications session.
Heritage Bank of Commerce understands that security is critical to an effective online banking solution. Our online banking provider incorporates a robust firewall system along with intrusion detection and security monitoring service to offer customers secure, real-time internet banking transactions.
Regardless of the efforts, the relative infancy of the internet as a broad-based communication medium when combined with the “open” nature of the internet make it impossible to guarantee absolute confidentiality in all circumstances. However, Heritage Bank of Commerce continues to monitor and review the security procedures that are in place to protect customer information. These measures are updated as practices change and new technology becomes available.
For site security purposes and to ensure that services remain available to all users, the computer systems at Heritage
Bank of Commerce employ software programs to monitor network traffic to identify unauthorized attempts to upload or change information, or otherwise cause damage. Anyone using this system expressly consents to such monitoring and is advised that if such monitoring reveals evidence of possible abuse or criminal activity, such evidence may be provided to appropriate law enforcement officials. Unauthorized attempts to upload or change information on this web site are strictly prohibited and may be punishable by law under the Computer Fraud and Abuse Act of 1986 and Title
18 U.S.C. Sections 1001 and 1030.
Please note that Heritage Bank of Commerce will not request any personal information from you via e-mail, nor will we initiate a telephone call and ask you to provide it. If you should receive a request for such information which appears to have come from us, please contact us immediately at 800-796-4777.
This is not a solicitation.
CALIFORNIA CONSUMER PROTECTION ACT POLICY
Effective/Last Updated January 1, 2020
Heritage Bank of Commerce (the “Bank”) and all applicable subsidiaries comply with all requirements of the California Consumer Privacy Act of 2018 (“CCPA”).
Your Right to Know About Personal Information Collected, Disclosed, or Sold
A consumer has the right to request that we disclose what personal information we collect, use, disclose, and sell.
If you wish to submit a verifiable consumer request for personal information we collect, use, disclose or sell you should do one of the following:
Call 1 (833) 996-1801;
Send an e-mail to CCPA@herbank.com; or
Ask your branch representative to provide you with a form for your request
When you submit a Request to Know (“RTK”), the Bank will verify your identity. We will ask you for your name, address, and other pieces of information pertinent to your request.
Collection of Personal Information (“PI”)
Below is a list of categories of personal information we have collected about consumers in the preceding 12 months. For each category identified we have also provided the categories of sources from which we collected the personal information, the business or commercial purpose for collecting the information, and the categories of third parties with whom we share the personal information:
Disclosure or Sale of Personal Information
We have not sold any personal information about consumers in the preceding 12 months for a business or commercial purpose.
We DO NOT sell the personal information of minors under 16 years of age without affirmative authorization.
Disclosed for Business Purpose
We have disclosed personal information about consumers to third parties for a business or commercial purpose in the preceding 12 months:
Below is a list of the categories where we have shared consumer information with third parties in the preceding 12 months for Business Purposes:
- Auditing of bank records for compliance with state and federal banking regulation;
- Detecting security incidents, protecting against malicious, deceptive, fraudulent or illegal activity, and prosecuting those responsible for that activity;
- Performing services on behalf of the Bank, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders or transactions, verifying customer information, processing payments, providing advertising or marketing services, providing analytic services, or providing similar services on behalf of the business or service provider; and
- Undertaking internal research for technological development and demonstration.
Rights under the CCPA
Right to Request Deletion of Personal Information
You have the right to request the deletion of any personal information about you which we have collected or maintained, subject to certain exceptions.
If you wish to submit a request to delete the personal information we collected or maintain about you, you may call us at (833) 996-1801, or e-mail us at CCPA@herbank.com.
In order to verify your identity we will ask you for information, including but not limited to personal identity and information data, and information about your relationship with Heritage Bank. Heritage Bank may contact you to confirm your identity and comply with your request.
We will endeavor to respond to a verifiable consumer request within 45 days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. Any disclosures we provide will only cover the 12-month period preceding the verifiable request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable.
Right to Opt-Out of the Sale of Personal Information
You have the right to opt out of the sale of your personal information.
Heritage Bank of Commerce does not sell your information.
Right to Non-Discrimination for the Exercise of Your Privacy Rights
You have a right not to receive discriminatory treatment by us for the exercise of any privacy rights conferred by the California Consumer Privacy Act.
You may designate an authorized agent to make a request under the California Consumer Privacy Act on your behalf by providing the agent written permission to make the request. We will verify your identity with the authorized agent.
Contact for More Information
For more information, please call us at (833) 996-1801, or e-mail us at CCPA@herbank.com.