Privacy and Security Policy
When used in this Privacy Statement, “we”, “our”, and “us” refer to North Alabama Bank, the terms “you” and “your” refer to our customers and former customers.
For purposes of this statement, the following statements apply:
- “Nonpublic personal information” means information about you that we collect in connection with providing a financial product or service to you. Nonpublic personal information does not include information that is available from public sources, such as telephone directories or government records. Hereafter, we will use the term “information” to mean nonpublic personal information as defined in this section.
- An “affiliate” is a company we own or control, a company that owns or controls us, or a company that is owned or controlled by the same company that owns or controls us.
- A “nonaffiliated third party” is a person we do not employ or a company that is not an affiliate of ours. This is also known as nonaffiliated third party, or simply, an “other party.”
THE INFORMATION WE COLLECT
We collect information about you from the following sources:
- Information you give us on applications or other forms
- Information about your transactions with us
- Information about your transactions with other parties
- Information from a consumer reporting agency
INFORMATION WE DISCLOSE ABOUT YOU
We do NOT disclose any information about you to anyone, except as permitted by law. Examples of this might include disclosures necessary to service your account or prevent unauthorized transactions.
THE CONFIDENTIALITY, SECURITY AND INTEGRITY OF YOUR INFORMATION We restrict access to information about you to those employees who need to know that information to provide products or services to you. We maintain physical, electronic and procedural safeguards that comply with federal regulations to guard your nonpublic personal information.
INFORMATION ABOUT FORMER CUSTOMERS We do not disclose information about former customers, except as permitted by law.
We Want to be Very Clear
We protect and safeguard the privacy of users of our on-line services, just as we do throughout the rest of our business. We will use personal information to identify you, to communicate with you, and to help us answer your questions.
We will NOT sell personally identifying information to a third party for the purpose of solicitation or provide personal information to a third party for its own use.
Sometimes we send our customers information about our products and services. If you do not wish to receive this information, or if you believe that your personal information is incorrect please contact us. We will investigate the situation and, if appropriate, update our records.
If you have any questions that are not answered in this section please contact us.
INFORMATION ABOUT ONLINE PRIVACY and SECURITY
When you visit North Alabama Bank’s website at www.northalabamabank.com or use our Online Banking Services, we want you to understand how North Alabama Bank protects your information. The following information provides additional guidance about your online privacy:
Children’s Online Privacy
The Children’s Online Privacy Protection Act (COPPA) was passed to give parents increased control over what information is collected from their children online and how such information is used. We do not request or collect any information. For additional information on COPPA protections, link to the Federal Trade Commission’s website at www.ftc.gov/privacy/privacyinitiatives/childrens.
If you visit our website to use interactive banking tools such as financial calculators and self-tests, you may be asked for personally identifiable information in order to complete the requested analysis or evaluation. This information is NOT retained.
If you are an Online Banking Customer, any e-mail that you send us requires input of your password as a security precaution and your message is transmitted securely. E-mail that is sent through “Contact Us” from www.nalabamabank.com is not secure and this message is clearly disclosed. If you identify yourself by sending an e-mail or completing forms such as applications, check reorders, contact forms and guest registers, you may be asked for personally identifying information in order to process your request. This information may be retained by us and our business partners for processing and to facilitate decisions. Information you submit to us is treated no differently than any other information you might provide in a written format such as a brochure application, reorder slip or a letter.
Our website brings together a combination of industry-approved security technologies to protect data for the bank and for you, our customer. It features a VeriSign-issued Digital ID for the bank’s Internet Service Provider hosting our website, Secure Sockets Layer (SSL) protocol for data encryption, and a router and firewall to regulate the inflow and outflow of server traffic.
Secure Data Transfer
Once a server session is established on an https secure page, the user and the server are in a secured environment. Because the server has been certified as a 128-bit secure server by VeriSign, data traveling between the user and the server is encrypted with Secure Sockets Layer (SSL) protocol. With SSL, data that travels between the bank and the customer is encrypted and can only be decrypted with the public and private key pair. In short, the bank’s server issues a public key to the end user’s browser and creates a temporary private key. These two keys are the only combination possible for that session. When the session is complete, the keys expire and the whole process starts over when a new end user makes a server session.
Router and Firewall
Secure forms must filter through a router and firewall before they are permitted to reach the server. A router, a piece of hardware, works in conjunction with the firewall, a piece of software, to block and direct traffic coming to the server. The configuration begins by disallowing ALL traffic and then opens holes only when necessary to process acceptable data requests, such as retrieving web pages or sending customer requests to the bank.