CCPA Disclosure – Physician Bank, a division of Heritage Bank NA
Last updated 2023
This California Consumer Privacy Act Disclosure explains how we collect, use, and disclose personal information related to California residents covered by the California Consumer Privacy Act of 2018 (“CCPA”).
This Notice explains how California residents can exercise their rights under the CCPA to request that we: (1) provide certain personal information that we have collected about them during the past 12 months, along with related information described below, or (2) delete certain personal information that we have collected from them.
The CCPA only applies to information about residents of California.
Under the CCPA, “personal information” is information that identifies, relates to, or could reasonably be linked with a particular California resident or household. The CCPA, however does not apply to information subject to the Gramm-Leach-Bliley Act (“GLBA”).
We also must provide in this online disclosure certain details about our collection and handling of categories of personal information. The information that follows shows the types of personal information we may collect about California residents who are subject to the CCPA, the sources from which we collect it, and the ways in which we use and disclose it.
Categories and Sources of Personal Information
- Identifiers, such as name and government-issued identifier (e.g., Social Security number);
- Personal information such as contact information and financial information;
- Commercial information, such as transaction information and purchase history;
- Biometric information, such as fingerprints and voiceprints;
- Internet or network activity information, such as browsing history and interactions with our website;
- Geolocation data, such as device location and Internet Protocol (IP) location;
- Audio, electronic, visual and similar information, such as call and video recordings;
- Professional or employment-related information, such as work history and prior employer;
- Education information, such as student records and directory information;
- Inferences drawn from any of the Personal Information listed above to create a profile about, for example, an individual’s preferences and characteristics.
Category of Sources from which we collect Personal Information
- Information provided from a California resident when applying for a product or service.
- We collect personal information from public records or available resources including information from the media and other records available by federal, state or local government.
- We receive your personal information from third parties who provide it to us (e.g., our customers; credit reference agencies; and law enforcement authorities).
- We receive your personal information from outside companies or organizations that provide data to support activities such as fraud prevention, underwriting, and marketing.
- We collect personal data from outside companies or organizations as part of providing products and services, completing transactions, supporting our everyday operations, or business management and development. Examples of this include companies or organizations to whom we provide products or services; other parties, partners, and financial institutions; and parties involved with mergers, acquisitions, and other transactions involving transfers of all or part of a business, or a set of assets.
- We collect or obtain personal information when you visit any of our websites, mobile app activity, social media or use any features or resources available on or through a Site. When you visit a Site, your device and browser may automatically disclose certain information (such as device type, operating system, browser type, browser settings, IP address, language settings, dates and times of connecting to a Site and other technical communications information), some of which may constitute Personal Information.
|How we use your personal information
|Managing products and services
|Manage our everyday operations, including legal compliance and risk related
In the last 12 months, Physician Bank has not “sold” Personal Information and does not engage in the sale of personal information as contemplated by the CCPA and therefore does not offer an opt-out from the sale of personal information. For purposes of this CCPA Policy, “sold” means the disclosure of Personal Information to a third party for monetary or other valuable consideration.Rights for California Residents
You have the right to request that we disclose the categories of Personal Information Physician Bank has collected about you in the preceding twelve-month period. We must also provide you with a summary of the purposes for which the categories of Personal Information were collected.
You have the right to request that we delete any of your Personal Information or limit the use of Personal Information subject to the various exceptions provided in the CCPA.
You have the right to correct inaccurate personal information, taking into account the nature of the personal information and the purposes of the processing of the personal information.
You have the right to opt-out of selling your personal information to third parties. Physician Bank is not in the business of selling personal information and does not sell any personal information.Responding to Requests
You may submit a verifiable consumer request by: Contacting us by telephone at 1-888-632-2651, Monday through Friday between 8:00 a.m. and 4:30 p.m. CT or emailing us at email@example.com.
In order to protect your information, we can only honor access or deletion requests upon receipt of a verifiable consumer request. Your request must provide information that enables us to verify your identity in order for us to respond. Additionally, you may designate an authorized agent to ask on your behalf. To select an authorized agent to request on your behalf, you must provide a valid power of attorney, the requester’s valid government-issued identification, and the authorized agent’s valid government-issued identification.
You agree to respond to any reasonable requests from us for additional information to enable us to verify your identity in connection with your access or deletion requests.
We cannot process your request if you provide insufficient detail to understand and respond to it. We will respond to a verifiable consumer request within forty-five (45) days of receipt, as allowed by CCPA. If we require more time, we will inform you of the reason and extension period in writing. We do not charge a fee to process or respond to your verifiable consumer request. As stated above, we may deny your request as permitted by law. If we do deny your request, we will provide you with the reason for doing so.Right to Nondiscrimination
We will not discriminate against you because you elect to exercise any of your rights under the CCPA.Changes to this Disclosure