Policy
Privacy Statement
For each visitor to our Web pages, our Web server automatically recognizes the consumer’s domain name and e-mail address. We collect the e-mail addresses of those who communicate with us via e-mail. We also collect information on what pages consumers access or visit and information volunteered by the consumer, such as application and survey information.
The information we collect is used to:
-
Improve the content of our Website for your future visits.
-
Customize the content and/or layout of our pages for each individual consumer.
-
Notify consumers about updates to our Website (if you have asked to be notified of updates or new releases).
-
Notify consumers of new products.
Volunteered information is not sold or transferred to other parties.
Links
This Website may from time to time carry third party advertisers and provide links to third party websites. Green Bank is not responsible for the actions of those parties. You should review their privacy policies to learn more about what, why and how they collect and use personally identifiable information.
Notice of Your Financial Privacy Rights
We, our, and us, when used in this notice, mean Green Bank.
This is our privacy notice for our customers. When we use the words you and your we mean the following types of customers:
- Our consumer customers who have a continuing relationship by purchasing or holding financial products or services such
as a(n):
- Deposit account
- Loan account
- Safe deposit box
- All IRA accounts for which we act as custodian
We will tell you the sources of the information we collect about you. We will tell you what measures we take to secure that information.
We must first define some terms.
Nonpublic personal information means information about you that we collect in connection with providing a financial product or service to you. Nonpublic personal information does not include information that is available from public sources, such as telephone directories or government records. Hereafter, we will use the term “information” to mean nonpublic personal information as defined in this section.
An affiliate is a company we own or control, a company that owns or controls us, or a company that is owned or controlled by the same company that owns or controls us. Ownership does not mean complete ownership, but means owning enough to have control.
A nonaffiliated third party is a person we do not employ or a company that is not an affiliate of ours. This is also known as a nonaffiliated third party, or simply, an “other party.”
THE INFORMATION WE COLLECT
We collect information about you from the following sources:
- Information you give us on applications or other forms
- Information about your transactions with us
- Information about your transactions with our affiliates
- Information about your transactions with other parties
- Information from a consumer reporting agency
- Information we receive as a result of verifying customer information
YOUR INFORMATION AND OTHER PARTIES
We will NOT disclose any information about you to anyone, except as permitted by law. Examples of this might include disclosures necessary to service your account or prevent unauthorized transactions.
THE CONFIDENTIALITY, SECURITY, AND INTEGRITY OF YOUR INFORMATION
We restrict access to information about you to those employees who need to know that information to provide products or services to you. We maintain physical, electronic, and procedural safeguards to protect this information.
INFORMATION ABOUT FORMER CUSTOMERS
We do not disclose information about former customers, except as permitted by law.
AUTHORIZED SHARING - JOINT MARKETING
We may disclose the following information to other financial institutions with whom we have joint marketing agreements:
Information you give us on an application or other forms, such as:
You do not have a right to opt out of the disclosure of this information.
Types of Business
We may disclose information pursuant to joint marketing agreements to the following types of businesses:
- Financial service providers, such as Credit Card companies
Security Statement
This Internet Banking System brings together a combination of industry-approved security technologies to protect data for the bank and for you, our customer. It features password controlled system entry, a VeriSign issued Digital ID for the bank’s server, Secure Sockets Layer (SSL) protocol for data encryption, and a router loaded with a firewall to regulate the inflow and outflow of server traffic.
Secure Access and Verifying User Authenticity
To begin a session with the bank’s server the user must key in an Access ID and a password. Our system, the Internet Banking System, uses a “3 strikes and you’re out” lock-out mechanism to deter users from repeated login attempts. After three unsuccessful login attempts, the system locks the user out, requiring either a designated wait period or a phone call to the bank to reset the password before re-entry into the system. Upon successful login, the Digital ID from VeriSign, the experts in digital identification certificates, authenticates the user’s identity and establishes a secure session.
Secure Data Transfer
Once the server session is established, the user and the server are in a secured environment. Because the server has been certified as a 128-bit secure server by VeriSign, data traveling between the user and the server is encrypted with Secure Sockets Layer (SSL) protocol. With SSL, data that travels between the bank and customer is encrypted and can only be decrypted with the public and private key pair. In short, the bank’s server issues a public key to the end user’s browser and creates a temporary private key. These two keys are the only combination possible for that session. When the session is complete, the keys expire and the whole process starts over when a new end user makes a server connection.
Router and Firewall
Requests must filter through a router and firewall before they are permitted to reach the server. A router, a piece of hardware, works In conjunction with the firewall, a piece of software, to block and direct traffic coming to the server. The configuration begins by disallowing ALL traffic and then opens holes only when necessary to process acceptable data requests, such as retrieving web pages or sending customer requests to the bank.
