Revised: March 25, 2024

Noble Credit Union understands the importance of protecting your privacy. Our goal is to maintain your trust and confidence when handling your personal information.  We are committed to maintaining the confidentiality of your personal information consistent with state and federal laws. This Online Privacy Policy (“Policy”) describes how we collect, use, share, and protect information when you visit or use our website, www.noblecu.com and mobile application, Noble CU Mobile Banking. The term “us,” “we” or “our” in this Policy refers to Noble Credit Union.  References to “you,” “your,” and “yours” shall mean the members, customers, and website visitors and users of our app. The term “app” includes our mobile application that runs on smartphones, tablets, and other devices, through which you will be able to access online banking services such as getting real-time balances for your accounts, manage your money, viewing your transactions and statements, transfer funds, pay your bills, deposit a check, receive alerts, and manage your debit/credit cards with us. Unless otherwise stated herein, references to our online services shall refer to any services available to you through our website and/or app, including but not limited to, online banking services. 

By using the online services, our website or our app, you agree to the terms and conditions of this Policy and consent to our online data collection activities as described in this Policy.

The terms “personal information” or “personally identifiable information” used in this Policy refers to information such as your name, mailing address, email address, telephone number, Social Security number, or other information that identifies you. This information may be collected when you voluntarily provide it to us on our website or in our app, when you create an account, when you use our online banking services, and when you provide feedback or contact us via e-mail. The term “online activity data” refers to such information as IP address; browser type; display/screen settings; how you interact with our e-mails, websites and app, including your use of our online services; mobile device and advertising IDs; social media preferences and other social media data; location data (if you have enabled location services on your device); and other data that may be aggregated and may identify individual consumers/customers.

INFORMATION WE COLLECT ONLINE – AND HOW WE COLLECT IT

You may visit our websites to find out about products and services and check rates, without giving us any personal information. We, and our service providers, may use software tools and/or “cookies” to track and gather information about your browsing activities in order to analyze usage, target areas for improvement, and create marketing programs to benefit our members or potential members that visit our site. Tracking may include the date and time of visits, pages viewed, time spent on our site, browser types, device data, the use of local storage technologies, location information, IP address, and the site visited just before and just after our site. As part of our security procedures for members using our online banking services to conduct account inquiries and transactions, we require personally identifiable information such as a login identification (username) and password. We may also collect certain information from identity verification services and consumer reporting agencies, including credit bureaus, to provide certain online banking services. We may use a cookie to authenticate your request.

1)Use of Cookies and Similar Tracking Technologies

The use of cookies and similar tracking technologies (including pixels or clear GIFs, tags, and web beacons) is a common internet practice. Cookies are small text files containing small amounts of information which are downloaded to your computer, smartphone, tablet, or other mobile device when you visit a website. Cookies are useful in a number of ways, including allowing a site or mobile app you use to recognize your device, save your settings on a site or mobile app, facilitate navigation, display information more effectively, and to personalize the user’s experience. Cookies are also used to gather statistical information about how sites and mobile apps are used in order to continually improve design and functionality and assist with resolving questions regarding the sites and mobile app.

a. Attributes of Cookies

Cookies set by us are called first-party cookies. We may also have third-party cookies, which are cookies from a domain different than the domain of the website you are visiting, for our advertising and marketing efforts. There can be first-party and/or third-party cookies within any of the below Categories of Cookies.

Cookies have a duration period. Cookies that expire at the end of a browser session are called “session” cookies. Cookies that are stored longer are called “persistent” cookies. There can be session and/or persistent cookies within any of the below Categories of Cookies. Persistent cookies are stored on your system and can be accessed again for multiple visits. Persistent cookies usually have an expiration date and will be automatically deleted from your system at that time.

2. Categories of Cookies

Below is a list of the types of cookies that may be used on our websites. We classify cookies into the following categories:

Essential Cookies: These cookies are technically necessary to provide website functionality.  They are a website’s basic form of memory, used to store the preferences selected by a user on a given site. As the name implies, they are essential to a website’s functionality and cannot be disabled by users. For example, an essential cookie may be used to prevent users from having to log in each time they visit a new page in the same session.

Performance and Function Cookies: These cookies are used to enhance the performance and functionality of a website, but are not essential to its use. However, without these cookies, certain functions (like videos) may become unavailable.

Analytics and Customization Cookies: Analytics and customization cookies track user activity, so that website owners can better understand how their site is being accessed and used.

Advertising Cookies: Advertising cookies are used to customize a user’s ad experience on a website. Using the data collected from these cookies, websites can prevent the same ad from appearing again and again, remember user ad preferences, and tailor which ads appear based on a user’s online activities.

3. How to Control and Delete Cookies

1. Using Your Browser

Many of the cookies used on our websites can be enabled or disabled through our consent tool or by disabling the cookies through your browser. To disable cookies through your browser, follow the instructions usually located within the “Help,” “Tools” or “Edit” menus in your browser. Please note that disabling a cookie or category of cookies does not delete the cookie from your browser unless manually completed through your browser function.

A growing number of browsers have adopted Global Privacy Control (“GPC”). The GPC is a technical specification designed to allow internet users to notify businesses of their privacy preferences, such as whether they want their personal information to be sold or shared for behavioral advertising purposes. Where required to do so under applicable law, our websites will honor GPC opt-out signals.

2. Using Your Mobile Device

Some mobile devices come with a non-permanent advertising identifier or ID which gives companies the ability to serve targeted ads to a specific mobile device. In many cases, you can turn off mobile device ad tracking or you can reset the advertising identifier at any time within your mobile device privacy settings. You may also choose to turn off location tracking on your mobile device. By turning off ad tracking or location tracking on your mobile device, you may still see the same number of ads as before, but they may be less relevant because they will not be based on your interests.

3. Online Advertising & Cross Context Behavioral Advertising

You may see advertisements when you use many of our online services. These advertisements may be for our own products or services (including pre-screened offers of credit) or for products and services offered by third parties.  Which advertisements you see is often determined using the information we or our affiliates, service providers and other companies that we work with have about you, including information about your relationships with us (e.g., types of accounts held, transactional information, location of banking activity). To that end, where permitted by applicable law, we may share with others the information we collect from and about you. Our advertising service providers may deliver our advertisements to you on non-affiliated websites. Such service providers control the manner in which the advertisements are delivered to you on such non-affiliated websites. You should generally be able to opt-out of receiving such advertisements from the service provider responsible for delivering the advertisement.  

Cross-context behavioral advertising refers to the targeting of advertising to a consumer based on the consumer’s personal information obtained from the consumer’s activity across businesses, distinctly branded websites, applications, or services, other than the business, distinctly-branded website, application, or service with which the consumer intentionally interacts.  We do not engage in cross-context behavioral advertising. 

4. Third-Party Website Cookies That We Cannot Control

When using our websites, you may be directed to other websites for activities such as surveys, completing job applications, and to view content hosted on those sites such as an embedded video or news article. These websites may use their own cookies. We do not have control over the placement of cookies by other websites you visit, even if you are directed to them from our websites.

2. Location Data

When allowed by you, our app collects your location data to provide you with the location-based services, such as identifying branches and ATMs near you, and location-based messages and offers. We also collect location data to help with fraud detection.

Opting out of location tracking. If you do not want us to collect location services, you may decline the collection of your location when prompted or adjust the location services settings on your device. Please note, however, that if you withdraw your consent to our collection of location information, you may no longer be able to use some features of the app.

3. IP Addresses

If you log on to our websites to access our online services, including but not limited to the online banking page, you may pass through a “firewall” used for security purposes and the Internet Protocol (IP) address associated with the device you are using may be identified. In certain instances, it may also obtain other information about your device to better identify you as an online user. This information may be retained in case it is needed for security or protection of member information.

4. Social Media

We may collect information, such as your likes, interests, feedback, and preferences when you interact with our official pages on social media websites such as Facebook, X, LinkedIn, YouTube, and Instagram or from our social media partners (but only if you choose to share with them and they, in turn, share that information with us). Please refer to the policies of those companies to better understand your rights and obligations with regard to your activity on those websites. 

5. Contact Information and Images

With your permission, our app may be granted access to your phonebook or contact information in your mobile device to provide various features like Zelle Payments. We will only disclose this information as necessary to enable such features and to comply with federal, state, or local laws, or other legal requirements.

Our app may request access to your camera for you to be able to use our remote deposit capture service.  The front and back pictures of the checks you sent will only be used for our remote deposit capture service.  Such images will only be accessible by us and our service providers that help enable our remote deposit capture service.  We will only disclose the check photos to third parties if necessary to process your remote deposit and to comply with federal, state, or local laws, or other legal requirements.

Additionally, if you are applying for membership or a loan on our website or mobile application, we may ask you to upload a copy of your government issued identification card for us to comply with our regulatory requirements. We will only use this information to open your account and disclose this information to third parties as necessary to process your membership application and to comply with federal, state, or local laws, or other legal requirements.

6. Chat Feature 

By using a chat feature on our website for mobile application, you acknowledge and agree that your communication may be monitored and recorded by us and our service providers for any lawful purpose, such as quality assurance to maintain service quality and to ensure your inquiries are efficiently addressed; training and development to train our staff and improve our services based on your feedback and interactions; and security and compliance to prevent unauthorized use of our chat feature, ensure the security of our communication channels, and to comply with legal obligations.

7. Financial Information and Government Identification

Our online banking service on our website and mobile application collects financial and payment information to process transactions such as bill payments.  Furthermore, our website and mobile application may prompt you to provide a copy of your government issued identification card or collect government identification numbers in connection with an application for membership or a loan with us.  We will never publicly disclose any of your financial information, payment information or government issued identification card or card number.  Such information may be disclosed only to our service providers for the purpose of processing transactions you request from us or maintaining your accounts with us, and such service provides are restricted from forward transfers of such information to other parties except in furtherance of processing your requested transactions or compliance with federal, state, or local laws, or other legal requirements.

HOW WE USE INFORMATION WE COLLECT

We do not and will not sell your personal information. We share your information as required to meet legal and regulatory obligations. We share your personal information that you have provide to us in connection with applying for membership and/or financial products with us (“personally identifiable financial information”) with affiliates and third parties in accordance with the practices set forth in our federal Privacy Policy.

With respect to other information that we collect from you online, which includes personal information from the use of our online services as well as online activity data, we use such information for a variety of reasons, including:

• to present our websites and their contents to you;
• to enable you to use online tools or perform certain online transactions;
• to service and manage your account, including responding to or updating you on inquiries, or to contact you about your accounts or feedback;
• to offer you special products and services and deliver advertisements to you in the form of banner ads, interstitial pages (ads that appear as you sign in or sign out of your online accounts) or other promotions;
• to analyze whether our ads, promotions, and offers are effective;
• to help us determine whether you might be interested in new products or services, and to improve existing products and services;
• to verify your identity and/or location to allow access to your accounts and conduct online transactions;
• to manage fraud and data security risk;
• to personalize and optimize your website browsing and app experiences by examining which parts of our website you visit or which aspect of our apps you find most useful;
• to protect our, your or others’ rights, privacy, safety or property (including by making and defending legal claims);
• to audit our internal processes for compliance with legal and contractual requirements, as well as our internal policies;
• to comply with federal, state or local laws; civil, criminal or regulatory investigations; or other legal requirements; and
• to share with trusted third parties who are contractually obligated to keep such information confidential and to use it only to provide the services we have asked them to perform.

By using the online services, our website or our app, we may create de-identified information records from personal information by excluding certain information (such as your name) that makes the information personally identifiable to you. We may use this information in a form that does not personally identify you to analyze request patterns and usage patterns to enhance our products and services. We reserve the right to use and disclose non-identifiable information to third parties in our discretion.

 

WHO WE SHARE INFORMATION WE COLLECT WITH

We disclose your personal information and online activity data to third parties for only our business purposes and to comply with our legal requirements. The general categories of third parties that we share with are as follows:

• our third-party service providers;
• other companies to bring you co-branded services, products, or programs;
• third parties that help us advertise our products or services;
• third parties to whom you or your agents authorize us to disclose your personal information in connection with products or services we provide to you;
• third parties or affiliates in connection with a corporate transaction, such as a sale, consolidation, or merger of our company or affiliated business; and
• other third parties to comply with legal requirements such as the demands of applicable subpoenas and court orders; to verify or enforce our terms of use, our other rights, or other applicable policies; to address fraud, security, or technical issues; to respond to an emergency; or otherwise, to protect the rights, property, or security of our customers or third parties.

MISCELLANEOUS

Updating Your Personal Information: Keeping your account information up-to-date is important.    You can access and/or update your personal information in connection with your account or application by logging on to your account online or contacting us.

Security: Protecting the confidentiality and security of your personal and financial information is our highest priority. We value your trust, and we understand that handling your financial information with care is one of our most important responsibilities. Our policies, procedures, and protections are always evolving to adapt to new strategies used by fraudsters. Our security measures include ensuring that our websites, online services, online banking, mobile banking, and online applications are hosted on secure servers, have SSL certificates, device safeguards, and secured files and buildings, as well as oversight of our third-party service providers that have access to your personal information and limiting our employees’ access to your personal information on a need to know basis.

What You Can Do to Help Protect Your Information: We are committed to protecting your privacy. We suggest you follow these guidelines:

• Protect your account numbers, card numbers, personal identification numbers (PINs), and passwords. Never keep your PIN with your debit or credit card which would provide access to your accounts if your card is lost or stolen.
• Use caution when disclosing your account numbers, Social Security numbers, and other confidential information to other persons. If someone calls you, explains the call is on behalf of us and asks for your account number, you should beware. Our staff will have access to your information and will not need to ask for it.
• It is important that we have your current information so we may reach you. If we detect potentially fraudulent or unauthorized activity or use of any account, we will attempt to contact you immediately. If your address, phone number, or email changes, please let us know.

Linking to Other Websites: Our websites, online services, online or mobile banking may contain links to third party websites. Although these links were established to provide you with access to useful information, we do not control and are not responsible for any of these websites or their contents. We do not know or control what information third-party websites may collect regarding your personal information. We provide these links to you only as a convenience, and we do not endorse or make any representations about using such third-party websites or any information, software or other products or materials found there, or any results that may be obtained from using them. We encourage you to review the privacy statements of websites you choose to link to from our websites so that you can understand how those websites collect, use, and share your information. We are not responsible for the security or privacy practices of the linked websites.

Protecting Children’s Privacy: We respect the privacy of children and comply with the practices established under the Children’s Online Privacy Protection Act (COPPA). Our website and mobile application do not target children. We do not knowingly collect or retain personally identifiable information from consumers under the age of thirteen. We may, however, collect information about consumers under the age of thirteen on our website or mobile application directly from their parents or legal guardians in connection with the financial products and service that we offer to our members, such as, without limitation, adding children as beneficiaries to bank accounts.  For more information about COPPA please visit the Federal Trade Commission website: www.ftc.gov.

Data Retention: We may retain your personal information and online activity data even if you decide to terminate your membership with us, close your accounts with us, and/or delete our app or cease use of our websites based on the following:

• Laws and regulations. We are a regulated financial institution that is subject to laws and regulations governing our retention of information pertaining to our members, applicants for credit union membership, loans and other financial products and services. We are also an employer and, thus, we are subject to labor laws governing how long we must retain information about applicants for employment and current and former employees. Therefore, applicable laws and regulations will govern how long we retain information pertaining to you.
• Fraud Prevention and Security. We will retain information that we need for fraud prevention and security purposes.
• Contracts. We will retain information for as long as necessary to comply with our contractual obligations to you, our service providers, and other third parties, as permitted by law.
• Legal Claims and Defenses. We may retain information for such a period as necessary or advisable to preserve legal claims and defenses.

 

Opting Out of Email or SMS Communications. If you have signed-up to receive our email marketing communications, you can unsubscribe any time by clicking the "unsubscribe" link included at the bottom of the email or other electronic communication. Alternatively, you can opt out of receiving marketing communications by contacting us at the contact information under "Contact Us" below. If you provide your phone number through the online banking services, we may send you notifications by SMS, such as providing a fraud alert. You may opt out of SMS communications by unlinking your mobile phone number through the online banking services.

Contact Us: You may contact us regarding any question, concern or matter pertaining to this Policy at:

Phone: 559-252-5000 or 800-613-2328

Website: noblecu.com/home/contact-us

Email: Secure Email via Digital Banking 

Mail: P.O. Box 8027, Fresno, CA 93747

Updates to this Policy: From time to time, we may change this Policy. The effective date of this Policy, as indicated above, reflects the last time this Policy was revised. Any changes to this Policy will become effective when we post the revised Policy on our website. Your use of our websites, online services, or online or mobile banking following these changes means that you accept the revised Policy.

Revised: June 6, 2023

Noble Federal Credit Union understands the importance of member privacy. Noble Credit Union's [rivacy policy explains the key elements of your rights under federal laws, Regulation P and Gramm-Leach-Bliley Act (GLBA). This policy is in addition to Noble Federal Credit Union's CCPA Notive for California Residents, which can be found here: www.noblecu.com/home/privacy-policy.

Facts: What Does Noble Federal Credit Union Do With Your Personal Information?

Why? Financial companies choose how they share your personal information. Federal law gives consumers the right to limit some but not all sharing. Federal law also requires us to tell you how we collect, share, and protect your personal information. Please read this notice carefully to understand what we do.

What? The types of personal information we collect and share depend on the product or service you have with us. This information can include:

• Social Security number and income
• Account balances and payment history
• Credit history and credit scores

When you are no longer our customer, we continue to share your information as described in this notice.

How? All financial companies need to share member’s personal information to run their everyday business.  In the section below, we list the reasons financial companies can share their member’s personal information; the reasons Noble Federal Credit Union chooses to share; and whether you can limit this sharing.

Reasons we can share your personal information	Does Noble Federal Credit Union share?	Can you limit this sharing?
For our everyday business purpose— such as to process your transactions, maintain your account(s), respond to court orders and legal investigations, or report to credit bureaus	Yes	No
For our marketing purposes— to offer our products and services to you	Yes	No
For joint marketing with other financial companies	No	We don't share
For our affiliates’ everyday business purposes— information about your transactions and experiences	No	We don't share
For our affiliates’ everyday business purposes— information about your creditworthiness	No	We don't share
For nonaffiliates to market to you	No	We don't share

Questions? Call 559-252-5000 or go to www.NobleCU.com.

Who we are
Who is providing this notice?	Noble Federal Credit Union

 

Information sharing practices
How does Noble Federal Credit Union protect my personal information?	To protect your personal information from unauthorized access and use, we use security measures that comply with federal law. These measures include computer safeguards and secured files and buildings.
How does Noble Federal Credit Union collect my personal information?	We collect your personal information, for example, when  you: Open an account or deposit money Pay your bills or apply for a loan Use your credit or debit card We also collect your personal information from others, such as credit bureaus or other companies.
Why can't I limit all sharing?	Federal law gives you the right to limit only: Sharing for affiliates’ everyday business purposes—information about your creditworthiness Affiliates from using your information to market to you Sharing for nonaffiliates to market to you State laws and individual companies may give you additional rights to limit sharing.

 

Definitions
Affiliates	Companies related by common ownership or control. They can be financial and nonfinancial companies. Noble Federal Credit Union has no affiliates.
Nonaffiliates	Companies not related by common ownership or control. They can be financial and nonfinancial companies. Noble Federal Credit Union does not share with nonaffiliates so they can market to you.
Joint marketing	A formal agreement between nonaffiliated financial companies that together market financial products or services to you. Our joint marketing partners include:  investment, insurance, and other financial companies.

 

Revised: June 6, 2023

Your privacy is important to us.  This California Consumer Privacy Act Policy (“Privacy Policy”) explains how we collect, share, use, and protect your personal information through your online and offline interactions with us.For California residents, this Privacy Policy is adopted in accordance with the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (collectively, the “CCPA”), and the California Online Privacy Protection Act (“CalOPPA”), and any terms defined in the CCPA and CalOPPA have the same meaning when used in this Privacy Policy. 

As used in this Privacy Policy, “Personal Information” means any information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.  

Personal Information does not include: (i) publicly available information; (ii) deidentified or aggregated consumer information; or (iii) personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (“FRCA”) and the Gramm-Leach-Bliley Act (“GLBA”).

This Privacy Policy also includes references and links to our other privacy policies which serve different purposes under various laws and regulations that apply to us.

1. CATEGORIES OF PERSONAL INFORMATION WE COLLECT

In the preceding 12-months, we have collected the following categories of personal information (please note that some categories overlap):

Category	Examples
A. Identifiers	A real name or alias; postal address; signature; home phone number or  mobile phone number; bank account number, credit card number, debit card number, or other financial information; physical characteristics or description; email address; account name; Social Security Number; driver's license number or state identification card number; passport number; or other similar identifiers.
B. Personal information categories described in Cal. Civ. Code § 1798.80(e)	Signature; state identification card number; physical characteristics or description; insurance policy number; education; employment or employment history; bank account number, credit card number, debit card number, or any other financial information; or medical information or health insurance information.
C. Protected classification characteristics under state or federal law	Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), or veteran or military status.
D. Commercial information	Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
E. Biometric information	Not Applicable – We do not collect.
F. Internet or other similar network activity	Browsing history, search history, information on a consumer's interaction with a website, application, or advertisement.
G. Geolocation data	Physical location or movements, for example: city, state, country, and ZIP code associated with your IP address or derived through Wi-Fi triangulation; and, with your permission in accordance with your mobile device settings, precise geolocation information from GPS-based functionality on your mobile devices.
H. Sensory data	Audio, electronic, visual, thermal, olfactory, or similar information.
I. Professional or employment-related information	Current or past job history, performance evaluations, disciplinary records, workplace injury records, disability accommodations, and complaint records; emergency contact information, such as the name, phone number, address and email address of another person in the context of having an emergency contact on file; or personal information necessary for us to collect and retain to administer benefits for you and another personal relating to you (e.g., your spouse, domestic partner, and dependents), such as their name, Social Security Number, date of birth, telephone number, email, and address.
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99))	Educational records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.
K. Inferences drawn from other personal information.	Profile reflecting a person’s preference, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
L. Sensitive Personal Information	A consumer’s Social Security Number, driver’s license, state identification card, or passport number; a consumer’s account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account; A consumer’s precise geolocation; a consumer’s racial or ethnic origin, religious or philosophical beliefs, or union membership; the contents of a consumer’s mail, email, and text messages unless the business is the intended recipient of the communication; the processing of biometric information for the purpose of uniquely identifying a consumer; or personal information collected and analyzed concerning a consumer’s health.

 

2. CATEGORIES OF SOURCES OF INFORMATION WE COLLECT

We obtain the categories of personal information listed above from one or more of the following categories of sources:

1. From You or Your Authorized Agent

We may collect information directly from you or your authorized agent.  For example, when you provide us your name and Social Security number to open an account and become a member.  We also collect information indirectly from you or your authorized agent.  For example, through information we collect from our members in the course of providing services to them.

2. From Our Website and Applications That You Access on Your Mobile Device

We collect certain information from your activity on our website activity on our website, NobleCU.com, and your use of applications on your mobile device.  We may collect your IP address, device and advertising identifiers, browser type, operating system, Internet service provider (“ISP”), pages that you visit before and after visiting our website, the date and time of your visit, information about the links you click and pages you view on our website, and other standard server log information.  We may also collect your mobile device’s GPS signal, or other information about nearby Wi-Fi access points and cell towers.

1. The Role of Cookies and Other Online Tracking Technologies

We, or our service providers, and other companies we work with may deploy and use cookies, web beacons, local shared objects and other tracking technologies for various purposes, such as fraud prevention and to promote our products and services to you. Some of these tracking tools may detect characteristics or settings of the specific device you use to access our online services.

“Cookies” are small amounts of data a website can send to a visitor’s web browser.  They are often stored on the device you are using to help track your areas of interest.  Cookies may also enable us or our service providers and other companies we work with to relate your use of our online services over time to customize your experience.  Most web browsers allow you to adjust your browser settings to decline or delete cookies, but doing so may degrade your experience with our online services.

Clear GIFs, pixel tags or web beacons—which are typically one-pixel, transparent images located on a webpage or in an email or other message—or similar technologies may be used on our sites and in some of our digital communications (such as email or other marketing messages).  They may also be used when you are served advertisements, or you otherwise interact with advertisements outside of our online services.  These are principally used to help recognize users, assess traffic patterns and measure site or campaign engagement.

“First party” cookies are stored by the domain (website) you are visiting directly.  They allow the website’s owner to collect analytics data, remember language settings, and perform useful functions that help provide a good experience.  “Third-party” cookies are created by domains other than the one you are visiting directly, hence the name third-party. They may be used for cross-site tracking, retargeting and ad-serving.  Cookies fall into the following general categories:

• Essential Cookies: These cookies are technically necessary to provide website functionality.  They are a website’s basic form of memory, used to store the preferences selected by a user on a given site. As the name implies, they are essential to a website’s functionality and cannot be disabled by users. For example, an essential cookie may be used to prevent users from having to log in each time they visit a new page in the same session.
• Performance and Function Cookies: These cookies are used to enhance the performance and functionality of a website, but are not essential to its use. However, without these cookies, certain functions (like videos) may become unavailable.
• Analytics and Customization Cookies: Analytics and customization cookies track user activity, so that website owners can better understand how their site is being accessed and used.
• Advertising Cookies: Advertising cookies are used to customize a user’s ad experience on a website. Using the data collected from these cookies, websites can prevent the same ad from appearing again and again, remember user ad preferences, and tailor which ads appear based on a user’s online activities.

2. Online Advertising & Cross Context Behavioral Advertising

You may see advertisements when you use many of our online services.  These advertisements may be for our own products or services (including pre-screened offers of credit) or for products and services offered by third parties.  Which advertisements you see is often determined using the information we or our affiliates, service providers and other companies that we work with have about you, including information about your relationships with us (e.g., types of accounts held, transactional information, location of banking activity).  To that end, where permitted by applicable law, we may share with others the information we collect from and about you.

Our advertising service providers may deliver our advertisements to you on non-affiliated websites.  Such service providers control the manner in which the advertisements are delivered to you on such non-affiliated websites.  You should generally be able to opt-out of receiving such advertisements from the service provider responsible for delivering the advertisement. 

Cross-context behavioral advertising refers to the targeting of advertising to a consumer based on the consumer’s personal information obtained from the consumer’s activity across businesses, distinctly branded websites, applications, or services, other than the business, distinctly-branded website, application, or service with which the consumer intentionally interacts.  We do not engage in cross-context behavioral advertising.

3. Third-party service providers in connection with our services or our business purposes

We collect information from third-party service providers that interact with us in connection with the services we perform or for our operational purposes.  For example, a credit report we obtain from a credit bureau to evaluate a loan application.  Another example is a third-party service provider that provides us information to help us detect security incidents and fraudulent activity.

4. Information we collect from third-parties for a commercial purpose

We collect information from third-parties for our commercial purposes.  We partner with a limited number of third-party analytics and advertising firms. These third parties may use cookies or code processed by your browser to collect public information about your visits to our and other websites in order to provide customized experiences, advertisements or services.  These parties may also collect information directly from you by contacting you telephonically, via email or through other communication channels.  We do not disclose any information about you to such third-parties except as permitted by applicable laws and regulations, and we require such third-parties to follow applicable laws and regulations when they collect information from you to transfer such information to us.

3. HOW WE USE YOUR PERSONAL INFORMATION

We may use or disclose personal information we collect for one or more of the following business purposes:

• To fulfill or meet the reason for which the information is provided.  For example, you apply for a loan, and we use the information in your loan application to give you the loan.
• To provide you with information, products or services that you request from us.
• To evaluate your candidacy for employment or for an independent contractor engagement, and to administer employment-related benefits for you, your spouse or domestic partner, and your dependents.
• To provide you with email alerts, event registrations or other notices concerning our products, services, events or news, that may be of interest to you.
• To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collections.
• To improve our website and present its contents to you.
• For testing, research, analysis to improve our products and services and for developing new ones.
• To protect the rights, property or safety of us, our employees, our members or others.
• To detect security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity.
• To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
• As described to you when collecting your personal information.
• To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution or other sale or transfer of some or all of our assets, in which personal information held by us is among the assets transferred. 

We also use your personal information to advance our commercial or economic interests (“commercial purpose”), such as advertising our membership, products and services, or enabling or effecting, directly or indirectly, a commercial transaction.

We do not use or disclose your sensitive personal information for any purpose other than, as reasonably necessary and proportionate, for the following purposes:

• To perform the services or provide the goods reasonably expected by an average consumer who requests those goods and services. 
• To prevent, detect, and investigate security incidents that compromise the availability, authenticity, integrity, or confidentiality of stored or transmitted personal information.
• To resist malicious, deceptive, fraudulent, or illegal actions directed at the business and to prosecute those responsible for those actions.
• To ensure the physical safety of natural persons.
• For short-term, transient use, including, but not limited to, non-personalized advertising shown as part of your current interaction with the business, provided that the personal information is not disclosed to another third party and is not used to build a profile about you or otherwise alter your experience outside of your current interaction with us.
• For our service providers or contractors to perform services on our behalf, such as maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing analytic services, providing storage, or providing similar services on our behalf; provided, however, that the use of your sensitive personal information is reasonably necessary and proportionate for this purpose.
• To verify or maintain the quality or safety of a service or device that is owned, manufactured for, or controlled by us, and to improve, upgrade, or enhance the service or device that is owned, manufactured for, or controlled by us; provided, however, that the use of your sensitive personal information is reasonably necessary and proportionate for this purpose.
• To collect or process sensitive personal information where such collection or processing is not for the purpose of inferring characteristics about you.

4. DISCLOSURE OF PERSONAL INFORMATION
   1. Disclosure for Business or Commercial Purposes

We disclose your personal information for our business or commercial purposes to the following parties:

1. Our third-party service providers;
2. Our affiliated websites and businesses in an effort to bring you improved service across our family of products and services, when permissible under relevant laws and regulations;
3. Other companies to bring you co-branded services, products or programs;
4. Third parties that help us advertise products, services or membership with us to you;
5. Third parties to whom you or your agents authorize us to disclose your personal information in connection with products or services we provide to you;
6. Third parties or affiliates in connection with a corporate transaction, such as a sale, consolidation or merger of our financial institution or affiliated business; and
7. Other third parties to comply with legal requirements such as the demands of applicable subpoenas and court orders; to verify or enforce our terms of use, our other rights, or other applicable policies; to address fraud, security or technical issues; to respond to an emergency; or otherwise to protect the rights, property or security of our customers or third parties.

In the preceding 12-months, we have disclosed the following categories of personal information for our business and commercial purposes and, for each category, the following categories of third-parties to whom such personal information was disclosed:

Category of Personal Information (Represented in alphabetical form from the categories listed in Section I)	Category of Third-Parties (Represented in numerical form from the categories of third-parties identified in this subsection (a) of this Section IV)
A	1, 2, 3, 4, 5, 7
B	1, 2, 4, 5, 7
C	1, 2, 4, 5, 7
D	1, 2, 4, 5, 7
E	Not Applicable
F	1, 2, 4, 5, 7
G	1, 2, 4, 5, 7
H	1
I	1
K	4
L	1, 2, 3, 4, 5, 7

2. Sharing Your Personal Information for Cross-Context Behavioral Advertising

We have not shared your personal information to third-parties for cross-context behavioral advertising]

3. Selling Personal Information

It is not our policy to sell personal information and we have not done so in the preceding 12-months.

5. RIGHTS AND CHOICES FOR CALIFORNIA RESIDENTS

If you are a California resident, this section describes your rights and choices regarding how we collect, share, use, and protect your personal information, how to exercise those rights, and limits and exceptions to your rights and choices under the CCPA. 

1. Exceptions

In the following instances, the rights and choices in this Section V do not apply to you:

• If you are not a California resident.
• If we collected personal information covered by certain financial sector-specific privacy laws, including the Fair Credit Reporting Act (FCRA), and the Gramm-Leach-Bliley Act (GLBA). How we collect, share, use and protect your personal information covered under the GLBA is covered under our federal GLBA privacy policy.
• Aggregate consumer information.
• Deidentified personal information.
• Publicly available information.

2. Access to Specific Information and Data Portability Rights

If the above exceptions do not apply, and you have not made this request more than twice in a 12-month period, you have the right to request that we disclose certain information to you about our collection and use of your personal information.  Once we receive and confirm your request and verify that the request is coming from you or someone authorized to make the request on your behalf, we will disclose to you or your representative:

• The categories of personal information we collected about you.
• The categories of sources for the personal information we collected about you.
• Our business or commercial purpose for collecting, sharing or selling that personal information.
• The categories of third parties to whom we disclosed, shared or sold your personal information.   
• The specific pieces of personal information we collected about you in a form that you can take with you (also called a “data portability request”).

3. Deletion Request Rights

You have the right to request that we delete any of your personal information that we collect from you and retained, subject to certain exceptions.  Once we receive and verify your request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.  We may deny your deletion request if retaining the information is necessary for us or our service providers to:

1. Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
2. Help to ensure security and integrity to the extent the use of your personal information is reasonably necessary and proportionate for those purposes.
3. Debug to identify and repair errors that impair existing intended functionality. 
4. Exercise free speech, ensure the right of another consumer to exercise that consumer’s right of free speech, or exercise another right provided for by law.
5. Comply with the California Electronic Communications Privacy Act pursuant to Chapter 3.6 (commencing with Section 1546) of Title 12 of Part 2 of the Penal Code.
6. Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the businesses’ deletion of the information is likely to render impossible or seriously impair the achievement of such research, if you previously provided informed consent.
7. To enable solely internal uses that are reasonably aligned with your expectation based on your relationship with us and compatible with the context in which you provided the information.
8. Comply with a legal obligation.
   4. Right of Correction

You have the right to request changes to any of your personally identifiable information that we have collected through our website and online services. 

5. Exercising Access, Data Portability, Deletion and Correction Rights

To exercise the access, data portability, deletion and correction rights described above, a consumer or a consumer’s authorized agent may submit a verifiable consumer request to us by either:

• Calling us at 800-613-2328
• Completing the CCPA Request Form available at www.noblecu.com/home/privacy-policy.

6. General Statement Regarding Identity Verification

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you.  Making a verifiable consumer request does not require you to create an account with us.  However, we may consider requests made through a password protected account with us sufficiently verified when the request relates to personal information associated with that specific account.  If we receive a request through and authorized agent of the consumer, we will require:

1. Submission of a written document signed by the consumer with the consumer’s permission for the authorized agent to submit a verifiable request on their behalf and require the authorized agent to verify their own identity to us; or
2. The consumer to directly verify with us that they have authorized the agent to submit the request. 
3. We will not require either of the above if the authorized agent provides a copy of a power of attorney pursuant to California Probate Code sections 4121 to 4130 and we are able to verify authorized agent’s identity.

We will only use personal information provided in the request to verify the requestor’s identity or authority to make it.  We will ask you to complete the CCPA Request Form which will ask you for information that will help us verify your identity.  The verification process includes matching the information you provide us with the information we have in our records.  The stringency of the verification process depends on the sensitivity of the request, whether or not the consumer is a current customer with a password-protected account, the need to prevent unauthorized access and disclosure of personal information and other factors.  Within 10-days of your submission of your CCPA request, we will notify you of any additional information we might need to verify your identity. 

7. Response Timing and Format

We endeavor to respond to a verifiable consumer request within 45 days of its receipt.  If we require more time (up to 90 days), we will inform you of the reason and extension period in writing.  The response we provide will also explain the reasons we cannot comply with a request, if applicable.  For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.  We do not charge a fee to process or respond to your verifiable consumer request.

8. Right of Non-Discrimination

We will not discriminate against you for exercising any of your rights in this Privacy Policy and under applicable laws.  Unless permitted by law, we will not:

• Deny you goods or services.
• Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
• Provide you a different level or quality of goods or services.
• Suggest that you may receive a different price for goods or services or a different level or quality of goods or services.
• Retaliate against you as our employee, applicant for employment, or independent contractor.

6. DO NOT TRACK SIGNALS

Industry standards are currently evolving and we may not separately respond to or take any action with respect to a “do not track” configuration set in your internet browser.

7. CCPA OPT-OUT PREFERENCE SIGNALS

The following expresses how we address opt-out preference signals to comply with our obligations to California consumers under the CCPA.  The CCPA defines an “opt-out preference signal” as a signal that is sent by a platform, technology or mechanism, on a consumer’s behalf, that communicates the consumer’s choice to opt-out of the sale and sharing of personal information for cross-context behavioral advertising purposes and that complies with certain technical requirements. 

Since we do not sell or share your personal information for cross-context behavioral advertising purposes, we do not respond to opt-out preference signals.

8. CHANGES TO OUR PRIVACY POLICY

We reserve the right to amend this Privacy Policy at our discretion and at any time.  When we make changes to this Privacy Policy, it will be posted on Noble Credit Union’s website at www.noblecu.com/privacy.

9. CHILDREN’S ONLINE INFORMATION PRIVACY

Our website is not intended for children under the age of 13. We do not knowingly collect, maintain, or use personally identifiable information from our website about children under the age of 13 without parental consent. For more information about the Children’s Online Privacy Protection Act (COPPA), visit the Federal Trade Commission website: www.ftc.gov.

10. LINKING TO THIRD-PARTY WEBSITES

We may provide links to websites that are owned or operated by other companies ("third-party websites").  When you use a link online to visit a third-party website, you will be subject to that website’s privacy and security practices, which may differ from ours. You should familiarize yourself with the privacy policy, terms of use and security practices of the linked third-party website before providing any information on that website.  We are not responsible for the third-party website’s use, collection, sale or sharing of your personal information. 

11. SECURITY

We use reasonable physical, electronic, and procedural safeguards that comply with federal standards to protect and limit access to personal information.  This includes device safeguards and secured files and buildings.

Please note that information you send to us electronically may not be secure when it is transmitted to us.  We recommend that you do not use unsecure channels to communicate sensitive or confidential information (such as your Social Security number) to us.

12. CONTACT INFORMATION

If you have any questions or comments about this Privacy Policy, the ways in which we collect and use your personal information, your choices and rights regarding such use, or wish to exercise your rights, or to request changes to any of your personally identifiable information that we have collected, please do not hesitate to contact us at:

Phone: 800-613-2328
Website: https://www.noblecu.com/home/privacy-policy