PRIVACY AND INFORMATION SECURITY POLICY

Privacy Policy

1. Objectives

We are committed to protecting the confidentiality and integrity of the information to which it has been entrusted by our clients. The Privacy and Information Security Policy ("Policy") outlines the principles with respect to the collection, sharing, and protection of Information. We will adopt and implement procedures to achieve the corporate Policy goals: to obtain, maintain and disseminate Information appropriately; to ensure the security and confidentiality of Information; and, protect against anticipated internal or external threats or hazards to the security or integrity of the Information.

2. Scope

Information takes many forms and includes records stored on computers and magnetic or optical media, data transmitted across networks or by fax, and information printed out or written on paper. It can also consist of work knowledge or concepts and can be represented in material objects. Specifically, we may obtain "Nonpublic Personal Information," information about an individual obtained in connection with providing a financial product or service to the individual for personal, family or household purposes. Nonpublic Personal Information may include, but is not limited to, name, address, social security number, account number or balance, debit card usage, and insurance policy coverage and may be provided to us directly by the individual or obtained from transactions with us or others.

3. Use of Nonpublic Personal Information

We use the Nonpublic Personal Information we collects in a variety of ways depending on the nature of the customer's relationship including, but not limited to, delivering various financial services; processing, servicing and maintaining accounts and transactions; responding to customer requests; resolving disputes; and generally fulfilling our obligations to our customers. In addition, the information may be used to verify a customer's identity as required by the USA PATRIOT Act.

4. Disclosure of Nonpublic Personal Information

We do not disclose any Nonpublic Personal Information to third parties, except as permitted or required by law, rules or regulations. We may disclose Nonpublic Personal Information to other financial institutions with which we have a joint marketing agreement or similar arrangement. Nonpublic Personal Information may be disclosed to affiliated and nonaffiliated third parties to enable them to provide business services, including marketing services, for us, such as helping to evaluate requests for products or services, performing general administrative activities and/or assisting in processing transactions. The affiliated and nonaffiliated third parties are required to protect the confidentiality and security of this information and to use it only in accordance with our instructions. In the event that a customer decides to close an account or otherwise becomes an inactive customer, we will continue to follow our privacy and information security practices.

5. Cookies

This website uses cookies, messages given to a Web browser by a Web server. The browser then stores the cookie in a text file. This website uses two types of cookies:

Session cookies  which are temporary cookies that are automatically deleted whenever you close all open Web browser windows. Session cookies are used to ensure that you are recognized when you move from page to page within the site and that any information you have entered is remembered. Session Cookies do not collect information from the user’s computer. They typically will store information in the form of a session identification that does not personally identify the user.

Persistent cookies  that remain permanently on the cookie file of your computer. These persistent cookies contain the user id used to access the site along with encrypted identification values associated with the User ID in conjunction with the particular device (e.g. the PC, mobile device or other computer from which you accessed the website). These persistent cookies are used to provide enhanced security measures, personalize your experience on the site, monitor overall web site performance and provide overall site usage reporting. Cookies placed on your device do not contain any personal information, such as an email address or name.

Although your browser may permit you to reject cookies, cookies are required to login and navigate within this website. If you should choose to disallow cookies you will be required to respond to challenge questions each time you log on.

We protect your account information from unauthorized access, to the best of our ability, by placing it on the most secure portion of our website. That’s why you have to enter a unique user name and password as well as either registering your device with us or answering 2 additional personal knowledge base questions each time you want to access this secure website. We also utilize a site authentication feature (personalized image and description), which allows you to verify you are visiting the valid website. Your password should never be shared with anyone. None of our other clients can access your data, and only a restricted set of our employees can access your data in order to provide service to you. When you access password protected portions of our site using a web browser, Secure Sockets Layer (SSL) technology is used to protect your communications through server authentication and data encryption. We upgrade and maintain our technology on an ongoing basis. Although this website may link to some external sites, we are not responsible for the privacy practices of those websites.

6. Vermont and California Residents Only

The information practices described above comply with federal law. Vermont and California laws place additional limits on sharing Nonpublic Personal Information about their residents. If a customer is a Vermont or California resident, we will automatically limit the disclosure of Nonpublic Personal Information to affiliated and nonaffiliated third parties as permitted or required by applicable law or regulation.

7. Information Security

We maintain physical, electronic and procedural safeguards to protect Information. We are committed to the following principles to ensure the confidentiality and protection of Information: maintaining Information security, taking into consideration business requirements, risk mitigation, industry practice, and legal and regulatory requirements; protecting all forms of Information; implementing security measures that are effective, consistent and cost justified; effective implementation by management and staff for adherence to policies and procedures; monitoring advances in security technology to ensure that we are providing an appropriate level of privacy and safety; and, appropriate reporting of deviations from the policies and procedures or security breaches.