Application Information. We retain personal information we receive from you on any application you provide for a deposit account, EFT service, ATM Cash Cards and Visa Check (debit) Cards, Visa Credit Cards, consumer and real estate loans. Application information includes: name, address, social security number, and credit history.

Your Transactions. Any time you make a transaction on one of your accounts, including ATM or card transactions, loan advances, transactions through Online Banking, over the phone or at a branch we retain the transaction information. This includes: your member/account number, the date, amount, and location of the transaction.

Credit Reports. When we evaluate your application for an account or service, we may request a credit report about you from a consumer reporting agency. We retain the personal and credit history information about you and we may use it to evaluate future account service requests.

Online. We obtain information online when you visit our web site, www.onpointcu.com. This includes retaining information you provide us on any online application, Online Banking transaction or information you send to us by e-mail.

Employee Access. Credit Union employees do have access to your information in order to provide service to you. However, our employees’ access is restricted to their need to know such information or as necessary to conduct a transaction or respond to your inquiries. All employees are trained to respect member privacy. No one except our employees has access to the Credit Union computer system and records storage.

Security Safeguards. OnPoint has established security controls and procedures to safeguard the information you provide us and the information we collect about you. Any information exchanged between OnPoint and our membership via the Internet relies on industry standard 128-bit SSL (Secure Sockets Layer) encryption. If we ask you for information other than your name, address, email address, and phone number via theInternet, it will be obtained using 128-bit SSL encryption.

Electronic mail by itself is generally not a secure method of communication. Email correspondence is not encrypted.

Cookies. We also use cookies to provide additional security during home banking sessions. A cookie is a piece of information that our web server stores on your computer hard drive and retrieves later during your session or future sessions. A cookie may contain the following information, encrypted for protection: globally unique identifier, name, account number, home phone, work phone and email address. We use “strong” encryption (128 bit key length or higher) to protect the data within this cookie and we change the encryption keys regularly. This secure cookie is created when you log in and is deleted when you close your browser. The cookie is time sensitive and will expire after a prescribed period. Once expired, the cookie is no longer usable. We use these cookies to verify your identity, to protect against unauthorized access, and to enhance your online experience.

Sharing Information with Credit Union Affiliates. Our wholly owned affiliate, OnPoint Service Group, LLC, provides financial services including insurance products. We may share the following information with our affiliates so they can serve you more efficiently:

• Member information (name, address, member/account number)
• Account information (type of accounts, account balances, transaction history)

Because we maintain management control over our affiliate, you can expect our affiliate to maintain the same privacy standards as the Credit Union.

Sharing Information with Third Party Service Providers. In order for us to conduct our operations, including servicing your account or processing your transactions, we need to share information with our service providers, including the following: data processing companies, financial and marketing consultants, check, ATM and other payment processing companies, payment networks, loan service providers, insurance companies, collection agencies, and credit reporting agencies. These service providers act on our behalf and have agreed in writing to keep the information we provide to them confidential. We share the following categories of information to third party service providers depending on the specific services provided:

• Member information (name, address, member/account number)
• Account information (type of accounts, account balances, transaction history)
• Transaction information (dates, amounts, locations and type of transaction)

The Credit Union does not sell or share any member information with nonaffiliated third party marketers offering their products and services. While we may offer financial products and services of our affiliate(s) or third parties, we control the member information used to make such offers.

Sharing Information as Legally Required or Permitted. We may share any nonpublic personal information of yours in response to a lawful request issued by a court, government agency, or regulatory authority or as permitted by law in order to administer or enforce your account. We may also share our experience information about you with credit bureaus. Our reporting to credit bureaus is governed by the Fair Credit Reporting Act, which affords you the right to make sure that your credit bureau reports are accurate.