CCPA Disclosure – Physician Bank, a division of Heritage Bank NA
Last updated November 2021
This California Consumer Privacy Act Disclosure explains how we collect, use, and disclose personal information related to California residents covered by the California Consumer Privacy Act of 2018 (“CCPA”).
This Notice explains how California residents can exercise their rights under the CCPA to request that we: (1) provide certain personal information that we have collected about them during the past 12 months, along with related information described below, or (2) delete certain personal information that we have collected from them.
The CCPA only applies to information about residents of California
Under the CCPA, “personal information” is information that identifies, relates to, or could reasonably be linked with a particular California resident or household. The CCPA, however does not apply to information subject to the Gramm-Leach-Bliley Act (“GLBA”).
We also must provide in this online disclosure certain details about our collection and handling of categories of personal information. The information that follows shows the types of personal information we may collect about California residents who are subject to the CCPA, the sources from which we collect it, and the ways in which we use and disclose it.
Categories and Sources of Personal Information
Categories of Personal Information
Category of Sources from which we collect Personal Information
- Identifiers, such as name and government-issued identifier (e.g., Social Security number);
- Personal information such as contact information and financial information;
- Commercial information, such as transaction information and purchase history;
- Biometric information, such as fingerprints and voiceprints;
- Internet or network activity information, such as browsing history and interactions with our website;
- Geolocation data, such as device location and Internet Protocol (IP) location;
- Audio, electronic, visual and similar information, such as call and video recordings;
- Professional or employment-related information, such as work history and prior employer;
- Education information, such as student records and directory information;
- Inferences drawn from any of the Personal Information listed above to create a profile about, for example, an individual’s preferences and characteristics.
- Information provided from a California resident when applying for a product or service.
- We collect personal information from public records or available resources including information from the media and other records available by federal, state or local government.
- We receive your personal information from third parties who provide it to us (e.g., our customers; credit reference agencies; and law enforcement authorities).
- We receive your personal information from outside companies or organizations that provide data to support activities such as fraud prevention, underwriting, and marketing.
- We collect personal data from outside companies or organizations as part of providing products and services, completing transactions, supporting our everyday operations, or business management and development. Examples of this include companies or organizations to whom we provide products or services; other parties, partners, and financial institutions; and parties involved with mergers, acquisitions, and other transactions involving transfers of all or part of a business, or a set of assets.
- We collect or obtain personal information when you visit any of our websites, mobile app activity, social media or use any features or resources available on or through a Site. When you visit a Site, your device and browser may automatically disclose certain information (such as device type, operating system, browser type, browser settings, IP address, language settings, dates and times of connecting to a Site and other technical communications information), some of which may constitute Personal Information.
Sharing and Disclosure of Information
|How we use your personal information
- Communicating with you via any means (including via email, telephone, text message, social media, post or in person) subject to ensuring that such communications are provided to you in compliance with applicable law; and maintaining and updating your contact information where appropriate
|Managing products and services
- Establish and process transactions for our products and services
- Support the ongoing management and maintenance of our products and services including to provide account statements, online banking access, customer service, payments and collections, and account notifications
|Manage our everyday operations, including legal compliance and risk related
- Perform accounting, monitoring, and reporting
- Enable information security and anti-fraud operations, as well as credit, underwriting, and due diligence
- Enable the use of service providers for business purposes
- Comply with policies, procedures and contractual obligations
- Audit, compliance, controls and other risk management
- Detecting, preventing and investigating fraud
Sale of Personal Information
In the last 12 months, Physician Bank has not “sold” Personal Information and does not engage in the sale of personal information as contemplated by the CCPA and therefore does not offer an opt-out from the sale of personal information. For purposes of this CCPA Policy, “sold” means the disclosure of Personal Information to a third party for monetary or other valuable consideration.
Rights for California Residents
You have the right to request that we disclose the categories of Personal Information Physician Bank has collected about you in the preceding twelve-month period. We must also provide you with a summary of the purposes for which the categories of Personal Information were collected.
You have the right to request that we delete any of your Personal Information subject to the various exceptions provided in the CCPA.
You have the right to opt-out of selling your personal information to third parties. Physician Bank is not in the business of selling personal information and does not sell any personal information.
Responding to Requests
You may submit a verifiable consumer request by: Contacting us by telephone at 1-888-632-2651, Monday through Friday between 8:00 a.m. and 4:30 p.m. CT or emailing us at firstname.lastname@example.org.
In order to protect your information, we can only honor access or deletion requests upon receipt of a verifiable consumer request. Your request must provide information that enables us to verify your identity in order for us to respond. Additionally, you may designate an authorized agent to ask on your behalf. To select an authorized agent to request on your behalf, you must provide a valid power of attorney, the requester’s valid government-issued identification, and the authorized agent’s valid government-issued identification.
You agree to respond to any reasonable requests from us for additional information to enable us to verify your identity in connection with your access or deletion requests.
We cannot process your request if you provide insufficient detail to understand and respond to it. We will respond to a verifiable consumer request within forty-five (45) days of receipt, as allowed by CCPA. If we require more time, we will inform you of the reason and extension period in writing. We do not charge a fee to process or respond to your verifiable consumer request. As stated above, we may deny your request as permitted by law. If we do deny your request, we will provide you with the reason for doing so.
Right to Nondiscrimination
We will not discriminate against you because you elect to exercise any of your rights under the CCPA.
Changes to this Disclosure
We may change this disclosure from time to time. When we do, we will let you know by appropriate means such as by posting the revised disclosure with a new “Last Updated” date. Any changes to this disclosure will become effective when posted unless indicated otherwise.