Skip nav to main content.
×
cover-art

LBS Financial
Mobile Banking App

Free - On the App Store

×
cover-art

LBS Financial
Mobile Banking App

Free - On the App Store

California Online Privacy Notice

LBS Financial Credit Union California Consumer Privacy Act Policy and Disclosure

Effective Date: June 18, 2020
Last Reviewed on: June 18, 2020

This California Consumer Privacy Act Policy & Disclosure is provided by LBS Financial Credit Union (referred to herein as the “Credit Union” or “we” or “us” in compliance with the California Consumer Privacy Act of 2018 (the “CCPA”). Your privacy is important to us.  This disclosure explains how we collect, use and disclose personal information relating to California residents.

APPLICABILITY: This policy applies only to California residents; it does not apply to residents of other states, districts, territories or countries.  In addition, this disclosure details certain rights California residents have under the CCPA.  The disclosure is provided pursuant to the CCPA.

CHANGES TO THIS POLICY & DISCLOSURE: As required by the CCPA, the California Attorney General is required to issue regulations implementing the CCPA. The California Attorney General has published proposed regulations.  When and if those regulations become final and binding regulations, we will update this policy as appropriate. Should the Credit Union’s practices regarding California resident’s data change, we will update this policy.  We encourage California residents to periodically review this policy and disclosure.

PERSONAL INFORMATION: Pursuant to the CCPA, “Personal Information” is information that identifies, relates to, or could reasonably be linked directly or indirectly with a particular California resident or household.

EXCLUSIONS: The obligations imposed on the Credit Union by the CCPA do not restrict the Credit Union’s ability to:

(1) Comply with federal, state, or local laws;

(2) Comply with a civil, criminal, or regulatory inquiry, investigation, subpoena, or summons by federal, state, or local authorities;

(3) Cooperate with law enforcement agencies concerning conduct or activity that the business, service provider, or third party reasonably and in good faith believes may violate federal, state, or local law;

(4) Exercise or defend legal claims;

(5) Collect, use, retain, sell, or disclose consumer information that is de-identified or in the aggregate consumer information; or

(6) Collect or sell a person’s personal information if every aspect of that commercial conduct takes place wholly outside of California. For purposes of this disclosure, commercial conduct takes place wholly outside of California if the Credit Union collected that information while the consumer was outside of California, no part of the sale of a person’s personal information occurred in California, and no personal information collected while a person was in California is sold.

RIGHT TO REQUEST PERSONAL INFORMATION COLLECTED OR DISCLOSED:

If you are a California resident, you have the right to request that we disclose to you the following:

(1) The categories of Personal Information we collected about you in the past 12 months.

(2) The categories of sources from which Personal Information is collected.

(3) The business or commercial purpose for collecting Personal Information.

(4) The categories of third parties with whom we share Personal Information.

(5) The specific pieces of Personal Information we collected about you.

RIGHT TO REQUEST DELETION OF PERSONAL INFORMATION: If you are a California resident, you have the right to request deletion of your Personal Information collected by the Credit Union.

INSTRUCTIONS FOR SUBMITTING VERIFIABLE REQUEST FOR PERSONAL INFORMATION COLLECTED, OR DISCLOSED, OR REQUEST FOR DELETION:

If you are a California resident, you may submit a request for us to provide you with, or delete, your Personal Information by:

The Credit Union will acknowledge receipt of your request within 10 business days.  The Credit Union must verify each request, so we will ask for additional information to verify your identity.  If you are making a request as an agent for a California resident, we may ask you to provide us with information to verify that you are an authorized representative of the person about whom we collected personal information.

We will not be able to fulfill your access or deletion request if we cannot verify your identity or your authority if you are an agent for a California resident.   Also, we may not fulfill your request if your request would violate the rights of a third person or if the information we have about you is not covered by the CCPA.  We will notify you if we cannot honor your request.  Requests for non-public personal information such as your Social Security number, driver’s license number or other government-issued identification number, financial account number, any health insurance or medical identification number, an account password, or security questions and answers are not permitted and will not be honored.

Other privacy and data protection laws may apply to much of the Personal Information we collect, use or disclose.  If these laws apply, Personal Information may be exempt from your request and will not be provided.  For example, information covered by the Gramm-Leach-Bliley Act (“GLBA”) is exempt from the CCPA.  To find out how we collect, use or disclose your information covered by the GLBA, please see our Privacy Rights & Terms.  Other federal and state laws and regulations may also apply to your Personal Information.

We may take up to 45 calendar days to process your request.  If we cannot meet that requirement, we may have up to an additional 45 calendar days after we provide you with notice and an explanation for our delay.

You may make a verifiable request not more than twice in a 12-month period.

CATEGORIES OF PERSONAL INFORMATION WE COLLECT:  The chart below shows which categories of Personal Information we have collected for business purposes during the past 12 months:

 

Category

 

Examples

 

Collected

 

A. Identifiers.

 

A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers.

 

 

YES

 

B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).

 

A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.

Some personal information included in this category may overlap with other categories.

 

 

YES

 

C. Protected classification characteristics under California or federal law.

 

Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).

 

 

YES

 

D. Commercial information.

 

Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.

 

 

YES

 

E. Biometric information.

 

Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.

 

 

YES

 

F. Internet or other similar network activity.

 

Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.

 

 

YES

 

G. Geolocation data.

 

Physical location or movements.

 

 

NO

 

H. Sensory data.

 

Audio, electronic, visual, thermal, olfactory, or similar information.

 

NO

 

I. Professional or employment-related information.

 

Current or past job history or performance evaluations.

 

 

YES

 

J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).

 

Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.

 

 

NO

 

K. Inferences drawn from other personal information.

 

Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

 

 

NO

 

 

CATEGORIES OF SOURCES OF PERSONAL INFORMATION: We obtain the categories of personal information listed above from the following categories of sources:

  • “California residents” or their representatives by way of physical, audible and electronic sources, such as websites, (including online advertising), mobile application activity and social media.
  • “Public records”, including information from federal, state or local governments. Public records could include information from the media.
  • “Third parties” such as service providers and consumer data companies that help us prevent fraud, underwrite, market, human resource management activities, and third parties that otherwise support the Credit Union’s daily business activities. Such third parties include other financial institutions and parties involved with potential or actual mergers that the Credit Union is a party to.

CATEGORIES OF THIRD PARTIES WITH WHOM WE SHARE PERSONAL INFORMATION FOR OUR BUSINESS PURPOSES:  We have shared Personal Information for business purposes during the last 12 months with the following categories of third parties:

  • “Service Providers” who provide services such as website hosting, data analysis, payment processing, order fulfillment, information technology and related infrastructure, customer service, email delivery, auditing, marketing and marketing research activities.
  • “Third Parties” who provide services such as payment, banking and communication infrastructure, storage, legal expertise, tax expertise, notaries and auditors.
  • Government Agencies as required by laws and regulations.

THE BUSINESS AND COMMERCIAL PURPOSES FOR WHICH PERSONAL INFORMATION WAS COLLECTED:

The business and commercial purposes we collect Personal Information are as follows:

  • Business Operations – Actions performed for the benefit of the Credit Union, our members or others. This includes servicing member accounts, loan processing, other transaction, business operations relating to member verification, business analytics, marketing, etc.
  • Commercial Operations – The Credit Union engages in actions that promote the growth and success of the Credit Union, such as member promotions and other activities that promote the financial well-being of the Credit Union.
  • Quality Control – Activities to preventing mistakes and avoiding problems when delivering products or services to our Members.
  • Security – Activities relating to ensuring that all information systems are functional and secure, detecting and preventing malicious and illegal activities that put the Credit Union at risk.
  • Systems Maintenance – Process of maintaining system operations and finding and repairing malfunctions that impair existing or intended Credit Union system operations.
  • Audit & Compliance – Actions that maintain Credit Union policies and procedures or compliance with applicable laws and regulations.
  • Employment Activities – Activities related human resource management.

 

SALE OF PERSONAL INFORMATION:

The CCPA definition of “sell” includes selling, renting, releasing, disclosing, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a consumer’s Personal Information for monetary or other valuable consideration.

The Credit Union does not sell Personal Information.  Moreover, the Credit Union does not sell the Personal Information of minors under 16 years of age without affirmative authorization.

 

 RIGHT TO OPT-OUT OF SALE OF PERSONAL INFORMATION:

You have the right to opt-out of the sale of your Personal Information.

The Credit Union does not sell.

The Credit Union does not have actual knowledge that it sells the personal information of minors under 16 years of age.

 

RIGHT TO NON-DISCRIMINATION FOR EXERCISE OF YOUR PRIVACY RIGHTS:

We may not discriminate against you for exercising your rights under the CCPA.

 

DESIGNATION OF AUTHORIZED AGENT:

You have the right to designate an authorized agent who may act on your behalf regarding the rights provided in this Disclosure.  We may require you to provide the authorized agent written permission to do so.  We will also directly verify your identity, except where an agent was authorized by a power of attorney pursuant to Probate Code sections 4000 to 4465. We may deny a request from an agent that does not submit proof that they have been authorized by You to act on your behalf.

 

CONTACT INFORMATION:

You may contact us in any of the following manners:

Review our Official Notice at Collection