PRIVACY POLICY
INTRODUCTION
CU Cooperative Systems, LLC
(hereinafter, “Co-op ” or “we,” “us,” or “our”), created this privacy policy (this “Privacy Policy”) to demonstrate our firm commitment to the privacy and protection of your information. This policy covers how Co-op and its subsidiaries manage information that may be used to identify you directly or indirectly (“Personal Information”) that you submit, or that we collect and receive on our website at www.co-opfs.org, together with any other websites and related mobile applications owned, operated or controlled by us (referred to herein individually and collectively as the “website”) and related to your use of our web services and mobile applications (hereinafter collectively, “Services”). We provide the website and our Services to you subject to the following conditions, which are subject to, and incorporated by reference into, our Terms and Conditions and other agreed upon terms related to the relevant Services.
For the purposes of this Privacy Policy, Co-op is a controller (i.e., responsible party) for the practices described in this Privacy Policy. Additionally, this Privacy Policy does not apply to the extent we process Personal Information in the role of a processor or service provider, as applicable, on behalf of our business customers. For information about the privacy practices of a Co-op business customer or a customer affiliate, please contact the respective business customer directly. We are not responsible for the privacy or data security practices of our business customers, which may differ from those set forth in this Privacy Policy.
California Consumer Notice of Collection
This Notice of Collection is provided to all California consumers subject to this Privacy Policy. You can access specific topics in this Applicant Privacy Policy:
- Introduction
- Information Collection and Usage
- Sources of Personal Information
- How We Use Your Personal Information
- Information Sharing and Disclosure
- How We Protect Your Personal Information
- E-Mail Security
- Cookies and Other Tracking Technologies
- Linked Third Party Sites
- Data Retention
- Rights Related to Your Personal Information
- Children
- Privacy Policy Changes
- Contact Information
INFORMATION COLLECTION AND USAGE
The types of Personal Information that we may collect depends on which of our Services you are utilizing and how you interact with us. We may collect, or have collected in the preceding twelve months, the following categories and specific types of Personal Information:
Contact Information/Identifiers, including name, email address, postal address, phone number, username, business contact information, and alias.
- Government Identifiers, including driver’s license number, passport number, and social security number (in certain instances, identifiers may be considered sensitive Personal Information).
- Information Specific to the Services, including, in certain instances, your financial account information, your username and password used to access our services, and any related questions and answers to obtain account access.
- Demographic Information, including age, gender, race, ethnicity, and household information, some of which may include characteristics of protected classifications under state or federal law.
- Device Information and Other Unique Identifiers, device identifier, internet protocol (IP) address, or similar unique identifiers.
- Internet or Other Network Activity, including information regarding your interactions with our websites, mobile applications, emails, or advertisements.
- Geolocation Data, including information that permits us to determine your location, such as if you manually provide location information or enable your mobile device to send us precise location information.
- Payment Information, including credit or debit card number, or other financial information.
- Inferences, including inferences drawn from or created based on any of the information identified in this section.
- Sensitive Personal Information (where permitted and in accordance with applicable law), of the information listed above, social security number and/or username and password are also sensitive Personal Information.
The provision of the sensitive Personal Information listed above is voluntary. In certain instances, we will not be able to process your request for our Services without the requested Personal Information.
SOURCES OF PERSONAL INFORMATION
We collect, or have collected in the preceding twelve months, your Personal Information in the following ways, pursuant to applicable law:
Directly From You, when you use our Services, register for an account, contact us, provide us with feedback, sign up to receive emails, text messages, and/or postal mailings.
Through Our Use of Cookies and Other Automatic Data Collection Technologies, when you visit our websites, use our mobile applications, open or click on emails we send you, or interact with our advertisements. We or third parties we work with automatically collect certain information using technologies such as cookies, web beacons, clear GIF, pixels, internet tags, web server logs, and other data collection tools. For more information, please see the “Cookies and Similar Tracking Technologies” section below.
From Our Third Party Partners, including from third parties that we have partnered with to provide you the Services that you have requested from us, such as when we work with our partners to verify information you have provided to us for your account registration or to complete transactions initiated by you.
Other Sources, including data analytics providers or publicly available sources.
HOW WE USE YOUR PERSONAL INFORMATION
We may collect, or have collected in the preceding twelve months, your Personal Information for the following purposes:
Providing our Services
- To provide you the Services, administer your account and provide you with Services requested by you.
- To verify your identity, process your transactions, determine and confirm your transaction limit, and send notifications to you related to your account.
- To enable you to access and use our website or Services.
Communicating With You
- To communicate with you, such as to provide you with information about your account, and to respond to your requests, questions, comments, and other inquiries.
- To understand what partner resources you use, if any, and to connect you to additional resources at your request.
- To send marketing and promotional materials, including information relating to our products, Services, sales, or promotions or those of a third party.
Analytics and Administration of Website
- To administer, maintain, evaluate, and improve our website and Services, and to develop new products and Services.
- To conduct research and analytics related to our website and Services, including combining any or all of the information that we collect or obtain.
- For other business purposes such as trouble shooting problems, data analysis, identifying usage trends, determining the effectiveness of our Services and to enhance or customize our features, products and Services.
Core Business Functions
- To manage our business operations, perform our obligations and exercise our rights under any agreement that your financial institution has with us.
- For other purposes with your consent, or as otherwise permitted or required by applicable law.
Legal Obligations
- We use Personal Information to comply with our legal or regulatory obligations, agreements and policies, to establish or exercise our rights, and to defend against a legal claim.
Security and Fraud Prevention
- We use Personal Information to detect, investigate, prevent, or take action regarding possible malicious, deceptive, fraudulent, or illegal activity, including fraudulent transactions, attempts to manipulate or violate our policies, procedures, and terms and conditions, security incidents, and harm to the rights, property, or safety of Co-op and our users, customers, employees, or others.
- To enforce our agreed upon terms for our Services, including our Terms and Conditions.
- The Controls & Alerts App periodically collects, transmits, and uses geolocation information to enable features that prevent fraudulent card use and send alerts, depending on whether you elect to allow for the collection of your geolocation information through the application or Services. Geolocation information may be monitored on a continuous basis in the background only while the Service is being used or not at all, depending on your selection.
Use of Your Sensitive Personal Information
- With regard to sensitive Personal Information, we only use your sensitive Personal Information to provide you with the requested products or services and to administer your account.
If you are no longer using our Services, we may continue to store and protect your Personal Information pursuant to this Privacy Policy, and as required by law.
INFORMATION SHARING AND DISCLOSURE
We may disclose, or in the past twelve months have disclosed, the Personal Information identified above in the following limited circumstances for business purposes:
- Affiliated Companies and Financial Institutions. We may disclose Personal Information with companies that are affiliated with us (for example, companies that control, are controlled by, or are under common control with us). We may also disclose Personal Information that is collected between websites or applications that we, or our affiliates, control. We may also share your Personal Information (including sensitive Personal Information) with other financial institutions, such as member credit unions. The Personal Information shared with these financial institutions typically includes Personal Information to verify accounts, confirm transactions, and to coordinate and improve the Services provided to you.
- Organizations that Provide Services. We may disclose your Personal Information with companies that perform services for us, such as credit, product development, and data processing vendors. The information shared with these companies typically includes Personal Information to process transactions on your behalf, conduct our operations, follow your instructions as you authorize, or protect the security of our financial records. We may also disclose your Personal Information with third parties described below in the Cookies and Other Tracking Technologies section.
- Business Transactions. In the event that we go through a business transition, such as a merger, another company acquires us or our affiliates, or we sell a portion of our assets, your Personal Information will, in most instances, be part of the assets transferred. Any successor entity shall be bound by terms and conditions reasonably similar to this Privacy Notice.
- Other Parties. We may disclose your Personal Information with other parties to comply with a legal obligation; to protect the legal rights of (or otherwise participate in a legal process pertaining to) our company, our employees, our agents, our clients, and our affiliates; to protect the safety and security of our visitors, or to protect against fraud; or otherwise with your consent or as allowed by applicable law.
- De-identified or Aggregate Information. We may aggregate and anonymize information you provide to us in such a way as to ensure it will no longer be identifiable to you. This data is generally not considered Personal Information and may be used for statistical, analytic, and administrative purposes, including analyzing our website traffic and trends, tailoring our Services, or conducting product analysis. We may share anonymized or aggregated data at our discretion, in accordance with applicable laws.
We do not sell, rent, lease or “share” (as the term is defined in applicable law) your Personal Information to third parties except if you consent to such disclosure or as described in this Privacy Policy.
We reserve the right to disclose any Personal Information about you or your use of this website without your prior permission if we have a good faith belief that such action is necessary to: (i) protect and defend our rights, property or safety or that or those of our affiliates, other users of this website, or the public; (ii) enforce the Terms and Conditions or other terms for this website and our Services; or (iii) respond to claims that any content violates any law or the rights of third parties.
HOW WE PROTECT YOUR PERSONAL INFORMATION
We have reasonable and appropriate technical and organizational measures in place to protect against the loss, misuses, and alteration of your Personal Information under our control. We have taken reasonable steps to confirm the Personal Information is retained in secured facilities and that reasonable measures have been implemented for protection from unauthorized access. The measures we use are designed to provide a level of security appropriate to the risk of processing your Personal Information. For instance, this website utilizes industry-standard SSL technology to allow for the encryption of potentially sensitive Personal Information submitted to us but may not always secure other parts of our website.
However, no security system is impenetrable. We cannot guarantee the security of our website or databases, nor can we guarantee that Personal Information you supply will not be intercepted while being transmitted to us over the Internet. We ask that you do your part by maintaining any usernames and passwords you use to access the Internet or this website as strictly confidential.
E-MAIL SECURITY
If you received an e-mail from us, (a) your e-mail address is either listed with us as someone who has expressly shared this address for the purpose of receiving Personal Information in the future (“opt-in”), or (b) you have registered, have an existing relationship with us, or are using our Services. We respect your time and attention by controlling the frequency of our e-mails.
Each e-mail sent contains an easy, automated way for you to cease receiving e-mails from us, or to change your expressed interests. If you wish to do this, simply follow the instructions at the end of any e-mail, or visit our email preference page.
COOKIES AND OTHER TRACKING TECHNOLOGIES
When you visit our website, our website’s web server automatically collects information, including, in some instances, Personal Information, through cookies, web beacons, and other similar tracking technologies (collectively “cookies”). Cookies are small text files that are placed on your computer or mobile device when you visit a website. Cookies help the website remember information about your visit, which can make it easier to visit the website again and make the website more useful to you. Some cookies are deleted once you close your browser (session cookies), while other cookies are retained even after you close your browser so that you can be recognized when you return to a website (persistent cookies). More information about cookies and how they work is available at www.allaboutcookies.org. Generally, your email address and all other Personal Information is collected only when you voluntarily provide that data.
Cookies on our website are generally divided into the following categories:
Cookie Type | Description |
Essential Cookies | These are cookies that our website needs in order to function and that enable you to move around and use the website and features. Without these essential cookies, the website will not perform as smoothly for you as we would like it to, and we may not be able to provide the website or certain services or features you request. Examples of where these cookies are used include: to determine when you are signed in, to determine when your account has been inactive, and for other troubleshooting and security purposes. |
Analytics Cookies | Analytics cookies provide us with information regarding how visitors navigate and interact with our website. Such cookies allow us to understand, for example, more about how many visitors we have to our website, how many times they visit us and how many times a user viewed specific pages within our Site. Among other Analytics cookies, we use Google Analytics cookies for these purposes. For more information about Google Analytics, please refer to “How Google Uses Information From Sites or Apps that Use Our Services,” which can be found at www.google.com/policies/privacy/partners/, or any other URL Google may provide from time to time. |
We may use the information collected through cookies and related tracking technologies for the following purposes:
- To make our website easier to use and generally improve its performance.
- To gather metrics about how you interact with our website.
- For security reasons.
- To provide personalized content. For example, we may store user preferences, your default language, device and browser information, your profile information, which includes the level of your usage of the website, which you visit, so we can identify you across devices and personalize the content you see.
Most web browsers automatically accept cookies, but you can usually change your browser settings to prevent this. If you disable cookies, your ability to use some features of the website may be limited. For mobile devices, you may be able to manage certain cookies using your built-in mobile device settings and controls. Any choices concerning cookies are browser and/or device specific. If you clear your cookies from your browser on any of your devices, your choices will need to be reset. You should check how to do this on your device(s) and operating systems.
Some cookie providers may also offer opportunities to control your preferences. To learn how to opt-out of Google Analytics, an Analytics cookie, please visit https://tools.google.com/dlpage/gaoptout.
Some of these cookies may be placed by third party service providers to help determine the effectiveness of our website or email communications. The use of cookies by third party service providers is within their control and not ours. We do not control their websites or their policies and practices regarding your Personal Information, and you should be aware that different rules might apply to the collection, use or disclosure of your Personal Information by third parties in connection with their advertisements or promotions and other sites you encounter on the Internet. This Privacy Policy does not cover any use of Personal Information that a third party service provider may directly collect from you, and we do not undertake to confirm, investigate, or police their practices.
LINKED THIRD PARTY SITES
We may provide links to other third party websites through the Services solely as a convenience to you. However, such linking does not mean, and should not be interpreted to mean, that Co-op endorses, is affiliated with or makes any representations concerning such third party websites. Co-op neither reviews, controls, nor is responsible for these third party sites or any content therein. By using such links, you will leave the Services. If you decide to access any of the third party sites linked to the Services, you do so entirely at your own risk. Co-op shall not be liable for any consequences arising from use of any third party websites to which the Services link.
DATA RETENTION
How long we retain your Personal Information depends on the context in which, and purposes for which, we collected it. We generally retain Personal Information for as long as necessary for achieving the purposes for which it was collected or processed, unless a different retention period is required by applicable law.
RIGHTS RELATED TO YOUR PERSONAL INFORMATION
Depending on where you live and the types of Personal Information at issue, you may have certain rights with respect to your Personal Information. For example, under local applicable laws, including those in the California, you may have the rights listed below. Please note that many of these rights are subject to exceptions and limitations. For example, certain laws generally do not apply to Personal Information that you provide to us while acting in your professional capacity.
- Right of access and data portability: You have the right to request access to Personal Information we hold about you. Specifically, you have the right to request access to information about the categories of Personal Information concerned and categories of recipients to whom the Personal Information has been or will be disclosed, and the sources from which we receive that Personal Information among other information. You generally have the right to receive this Personal Information, in a structured, commonly used, and machine-readable format so you can transmit this Personal Information to another entity.
- Right to correction: You have the right to request that we correct or supplement any inaccurate or incomplete Personal Information we process about you.
- Right to deletion: You have the right to request that we delete your Personal Information that we collected from you or as applicable anonymize your Personal Information.
- Right to opt-out of the sale or sharing of Personal Information: We do not currently, nor have we in the preceding 12 months, sold or shared (in this context, share means use of your Personal Information for cross-contextual behavioral advertising) your Personal Information. We do not knowingly sell or share the Personal Information of individuals under the age of 16.
- Automated Processing: Under certain circumstances, you have the right to object to a significant decision based solely on automated processing (i.e., without human intervention) unless that decision is required or authorized by law.
- Right of Non-Discrimination/Retaliation: We do not discriminate against individuals who exercise any of their rights described in this Privacy Policy, nor do we retaliate against individuals who exercise these rights.
- Right to Opt Out of our Use of your Sensitive Personal Information (in certain instances and if permissible under applicable law). We do not disclose Sensitive Personal Information for purposes other than those which cannot be limited under applicable law.
If you choose to assert any of these rights under applicable laws, we will respond within the time period prescribed by applicable law. Please note that many of the above rights are subject to exceptions and limitations. If we are not able to provide the requested information or make the change you requested, you will be provided with the reasons for such decisions. Under local law, you may be entitled to lodge a complaint with your local data protection authority, such as your state Attorney General’s Office.
Your rights and our responses will vary based on your state of residency. Please note that you may be located in a jurisdiction where we are not obligated, or are unable, to fulfill a request. In such a case, your request may not be fulfilled.
Co-op may require use of your Personal Information to provide access to the Services. Therefore, when you exercise your deletion right, in particular, you may lose access to certain aspects of the Services that require your Personal Information.
Rights Request and Verification Process
Only you, or a person that you authorize to act on your behalf, may make a verifiable consumer request related to your Personal Information. If you designate an authorized agent to submit requests to exercise certain privacy rights on your behalf, we will require verification that you provided the authorized agent permission to make a request on your behalf. You must provide us with a copy of the signed permission you have given to the authorized agent to submit the request on your behalf and verify your own identity directly with us.
You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:
- Provide sufficient information that allows us to reasonably verify you are the person about whom we collected Personal Information or an authorized representative.
- Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
Our verification process may also include a request for additional information to confirm your identity or your authorized agent’s identity (such as your name, email address and date of birth) or to obtain proof that you have given your authorized agent permission to act on your behalf. If our verification process is successful, we will respond to your request within the time and in the manner required by applicable law. If we cannot validate the identity of you and/or your authorized agent or obtain proof that you have given your authorized agent permission to act on your behalf, we will attempt to contact you to inform you.
We cannot respond to your request or provide you with Personal Information if we cannot verify your identity or authority to make the request and confirm that the Personal Information relates to you. We will only use Personal Information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
We will deliver our written response by mail or electronically, at your option. Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. For data portability requests, we will select a format to provide your Personal Information that is readily useable and should allow you to transmit the Personal Information from one entity to another entity without hindrance, specifically by electronic mail communication. Further, if you would like to appeal any decision we make about your request, you may contact us as stated in the “Contact Information” section below.
To exercise these rights, please submit a verifiable consumer request to us by either:
- Calling us at 888-771-5613, or
- Visiting Data Request Form.
CHILDREN
Our Services are not directed toward children under the age of thirteen, and we do not knowingly collect any Personal Information from children under the age of thirteen. If a child provided this website with Personal Information, we ask that a parent or guardian send us a written request to the address listed below and we will promptly delete the child’s Personal Information from our records.
PRIVACY POLICY CHANGES
Co-op is always improving our Services. As our Services evolve, we may update or amend this Privacy Policy. If we modify this Privacy Policy, we will post the revised Privacy Policy online. The revised Privacy Policy will be effective immediately at the time of posting, unless a later effective date is expressly stated therein. We will also revise the “Last Updated” date stated below.
Should any modification materially change how we use your Personal Information, we will provide notice online prior to the effective date of the change.
It is your responsibility to periodically review this Privacy Policy. Users are bound by any changes to this Privacy Policy by using our Services after such changes have been first posted. If you do not agree to the new posted Privacy Policy, your only remedy is to discontinue use of the website.
CONTACT INFORMATION
If you have any questions regarding this privacy policy, you may contact us via the information provided below:
CU Cooperative Systems, LLC
560 Carillon Parkway
St. Petersburg, FL 33703
888-771-5613
Last Update: December 29, 2022
Effective Date: December 29, 2022