
PRIVACY STATEMENT
Effective as of January 1, 2020
Last updated September 28, 2020
Introduction
First PREMIER Bank (“PREMIER,” “we,” “our,” or “us”) respects the privacy of your information. This Privacy Statement is designed to assist you in understanding how we collect, use and safeguard the information you provide to us in using our websites (the “Sites”), the services provided through our Sites and the mobile application we offer (collectively referred to as the “Services”).
If you have a financial product or service with us, we will use and share any information that we collect from or about you in accordance with our Privacy Notice, which offers you certain choices with respect to the use and sharing of your personal information.
From time to time, we may change this Privacy Statement. If we do, we will post an amended version on this webpage. Please review this Privacy Statement periodically.
COLLECTING AND USING INFORMATION
Personally Identifiable Information We Collect Online
Through your use of the Sites and Services, we may collect personally identifiable information, which is individually identifiable information about an individual consumer that we collect online and that we maintain in an accessible form (“Personally Identifiable Information”). We collect the following types of Personally Identifiable Information:
Information You Provide
We may collect the following Personally Identifiable Information that you voluntarily provide to us:
Information as You Navigate Our Sites
We automatically collect certain Personally Identifiable Information through your use of our Sites and Services, such as the following:
Information Provided About a Third Party
We may receive certain Personally Identifiable Information from you about a third party. For example, as part of applying for an account, you may provide the name, date of birth, and address of a third party. If you submit any Personally Identifiable Information about another individual to us, you are responsible for making sure that you have the authority to do so and to allow us to use their Personally Identifiable Information in accordance with this Privacy Statement.
How We Use Your Personally Identifiable Information
We use the Personally Identifiable Information we collect to provide the Services to you, to improve our Services and Site, and to protect our legal rights. In addition, we may use the Personally Identifiable Information we collect to:
How We Share Your Personally Identifiable Information
We do not disclose your social security number, credit card or banking information to third parties not assisting us with supplying your request for products or services without your authorization. However, we may share the Personally Identifiable Information that we collect about you in the following ways:
Where appropriate, we will limit sharing of your information in accordance with the choices you have provided us in response to our Privacy Notice.
COOKIES AND OTHER TRACKING TECHNOLOGIES
Cookies
Like many other companies, we use cookies and other tracking technologies (such as pixels and web beacons). To learn more about how we use cookies and your choices regarding our use of cookies, please see our Cookie Policy.
Google Analytics
We use Google Analytics, a web analytics service provided by Google, Inc. Google Analytics uses Cookies or other tracking technologies to help us analyze how users interact with the Site and Services, compile reports on their activity, and provide other services related to their activity and usage. The technologies used by Google may collect information such as your IP address, time of visit, whether you are a returning visitor, and any referring website. The technologies used by Google Analytics do not gather information that personally identifies you. The information generated by Google Analytics will be transmitted to and stored by Google and will be subject to Google’s privacy policies. To learn more about Google’s partner services and to learn how to opt-out of tracking of analytics by Google, click here.
Google RECAPTCHA
We use Google reCAPTCHA, a free service provided by Google, Inc., to protect our Sites from spam and abuse. Google reCAPTCHA uses advanced risk analysis techniques to decipher humans and bots. Google reCAPTCHA works differently depending on what version is deployed. For example, you may be asked to check a box indicating that you are not a robot or Google reCAPTCHA may detect abusive traffic without user interaction. Google reCAPTCHA works by transmitting certain types of information to Google, such as the referrer URL, IP address, visitor behavior, operating system information, browser and length of the visit, cookies, and mouse movements. Your use of Google reCAPTCHA is subject to Google’s Privacy Policy and Terms of Use. More information as to Google reCAPTCHA and how it works is available here.
"Do Not Track" Signals
Some internet browsers incorporate a “Do Not Track” feature that signals to websites you visit that you do not want to have your online activity tracked. Given that there is not a uniform way that browsers communicate the “Do Not Track” signal, our Sites do not currently interpret, respond to or alter its practices when it receives “Do Not Track” signals.
CHOICES ABOUT YOUR PERSONALLY IDENTIFIABLE INFORMATION
Wireless Addresses
If the email address you provide to us is a wireless email address, you agree to receive commercial messages at such address from us, our vendors or advertisers (unless and until you have elected not to receive such commercial messages by following the instructions in the unsubscribe portion of this Statement). You understand that your wireless carrier’s standard rates apply to these messages. You represent that you are the owner, or authorized user of the wireless device on which messages will be received, and you are authorized to approve the applicable charges.
Security
We endeavor to safeguard and protect your information. When you submit information on our Sites, such information is protected both online and offline. We have security measures in place to protect against the loss, misuse, and alteration of Personally Identifiable Information under our control. The servers in which we store your information are kept in a secure physical environment. The servers have industry standard firewalls. Access to such servers is password protected and access by our employees is limited. Currently, we use Secure Socket Layer software (“SSL”) to protect data and to secure any transactions. SSL encrypts information including credit card number(s), and names and addresses, as they are transmitted over the Internet. Please be advised that, although we take commercially reasonable technological precautions to protect your data, no data transmission over the Internet can be guaranteed to be 100% secure; therefore, we cannot and do not warrant that your information will be absolutely secure. Any transmission of data at or through our Sites or Services is at your own risk. However, access to your information is strictly limited and not accessible to the public.
Third Party Links
The Site may contain links that will let you leave the Site and access another website. Linked websites are not under our control. Except as stated below, this Privacy Statement applies solely to Personally Identifiable Information that is acquired on this Site. We accept no responsibility or liability for these other websites.
Children's Privacy
The Site and Services are not intended for children under 13 years of age. We do not knowingly collect, use, or disclose personal information from children under 13.
Notice to California Residents
The California Consumer Privacy Act (CCPA) requires that we provide California residents with a privacy statement that contains a comprehensive description of our online and offline practices regarding the collection, use, disclosure, and sale of personal information and of the rights of California residents regarding their personal information. This section of the Privacy Policy is intended solely for, and is applicable only as to, California residents. If you are not a California resident, this does not apply to you and you should not rely on it.
The CCPA defines “personal information” to mean information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household. Personal information does not include information that is publicly available, deidentified or aggregate information. For purposes of this "Notice to California Residents" section we will refer to this information as “Personal Information.”
The CCPA contains important limitations that are relevant to First PREMIER Bank.
The CCPA’s privacy rights described below do not apply to Personal Information that is collected, processed, sold, or disclosed pursuant to the federal Gramm-Leach-Bliley Act and its implementing regulations or the California Financial Information Privacy Act. Because we are subject to those laws and regulations, much of the Personal Information that we collect is exempt from the CCPA. Your choices and rights with respect to our use and sharing of that information are subject to our Privacy Notice.
The CCPA’s privacy-related rights also do not apply to certain types of Personal Information that is subject to the Federal Credit Reporting Act (FCRA). Some of our services are subject to the FCRA and, therefore, exempt from the CCPA on that basis.
Right to Know About Personal Information Collected, Disclosed, or Sold
If you are a California resident, you have the right to request that we disclose what Personal Information we have collected about you in the 12-month period preceding your request. This right includes the right to request any or all of the following:
(1) Specific pieces of Personal Information that we have collected about you;
(2) Categories of Personal Information we have collected about you;
(3) Categories of sources from which the Personal Information was collected;
(4) Categories of Personal Information that we sold (if applicable) or disclosed for a business purpose about you;
(5) Categories of third parties to whom the Personal Information was sold (if applicable) or disclosed for a business purpose; and
(6) The business or commercial purpose for collecting or, if applicable, selling Personal Information.
The CCPA defines “sell” to mean selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a California resident’s Personal Information to another business or a third party for monetary or other valuable consideration.
Collection of Personal Information
We currently collect and, in the 12 months prior to the Effective Date of this Privacy Statement, have collected the following categories of Personal Information about California residents directly from them and from service providers:
• Identifiers (name, postal address, online identifiers, internet protocol address, social security number, driver’s license number, account name, and email address)
• Unique personal identifiers (cookies, beacons, pixel tags, or other similar technology; customer number)
• Telephone number
• Signature
• Bank account number
• Commercial information (records of personal property, products or services purchased, obtained or considered)
• Other financial information
• Biometric/Fingerprint (collected by your phone when using our app, but not by us)
• Employment information
• Characteristics of protected classifications under California or federal law (gender, sex, age (40 and older), and military/veteran status)
In addition to the purposes stated above in the section “COLLECTING AND USING INFORMATION” we collected the above Personal Information for the following business or commercial purposes:
• Maintaining or servicing accounts
• Processing or fulfilling orders and transactions
• Providing customer service
• Providing financing
• Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity
• Auditing related to a current interaction with the consumer and concurrent transaction, including, but not limited to, counting ad impressions to unique visitors
• Providing analytic services
• Enabling or effecting, directly or indirectly, a commercial transaction
Disclosure or Sale of Personal Information
The following is a list of categories of Personal Information that we have disclosed or sold to service providers or third parties for a business or commercial purpose in the 12 months preceding the Effective Date of this Privacy Statement and, for each category, the category of service providers or third parties to whom the Personal Information was sold or disclosed:
• Name (business partners)
• Postal Address (business partners)
• Telephone number (business partners)
• Gender (business partners)
• IP address (business partners and data analytics providers)
• Cookies, beacons, pixel tags, or other similar technology (data analytics providers (please see “Cookies” section above for further information as to our use of cookies))
As of the Effective Date of this Privacy Statement we do not sell Personal Information.
We do not knowingly sell the Personal Information of minors under 16 years of age.
Right to Request Deletion of Personal Information
If you are a California resident, you have the right to request deletion of the Personal Information about you that we have collected. However, per the CCPA, we are not required to comply with a request to delete if it is necessary for us to maintain the Personal Information in order to, for example, complete a transaction, detect security incidents, comply with a legal obligation, or otherwise use the Personal Information, internally, in a lawful manner that is compatible with the context in which you provided the information.
How to Submit a Request to Know or Delete
CREDIT CARD: If you have a First PREMIER Bank credit card or provided personal information in relation to a First PREMIER Bank credit card, please submit your request to know through our interactive webform available at https://www.connect.mypremiercreditcard.com/Home/CCPA or by calling us at 1-877-635-2568.
OTHER BANKING RELATIONSHIPS: If you have provided personal information in relation to any First PREMIER Bank account other than a credit card account, such as a checking, savings, loan, mortgage or trust account, please submit your request to delete through our interactive webform available at https://www.firstpremier.com/ccpa or by calling us at 1-800-501-7547.
If you submit a request to delete online, you may be asked to confirm separately that you want your Personal Information deleted.
If you have both a credit card and a non-credit card relationship with First PREMIER Bank, please submit your request to know for each relationship separately as described above.
As discussed, many of the categories of Personal Information are exempt from the CCPA. Your choices and rights with respect to our use and sharing of that information are subject to our Privacy Notice.
Our Process for Verifying a Request to Know
If we determine that your request is subject to an exemption, we will notify you of our determination. If we determine that your request is not subject to an exemption, we will comply with your request upon verification of your identity and, to the extent applicable, the identity of the California resident on whose behalf you are making such request. Our verification process may differ depending on whether you maintain a password-protected account with us.
If you maintain a password-protected account, we may verify your identity through existing authentication practices available through your account. Prior to disclosing the requested information, we will ask you to re-authenticate yourself with respect to that account.
If you do not maintain a password-protected account, or if you are an account-holder but we suspect fraudulent or malicious activity with your account, we will verify your identity either to a “reasonable degree of certainty” or a “reasonably high degree of certainty” depending on the sensitivity of the Personal Information and the risk of harm to you by unauthorized disclosure or deletion as applicable.
For requests to access categories of Personal Information and for requests to delete Personal Information that is not sensitive and does not pose a risk of harm by unauthorized deletion, we will verify your identity to a “reasonable degree of certainty” by verifying at least two data points that you previously provided to us and which we have determined to be reliable for the purpose of verifying identities.
For requests to access specific pieces of Personal Information or for requests to delete Personal Information that is sensitive and poses a risk of harm by unauthorized deletion, we will verify your identity to a “reasonably high degree of certainty” by verifying at least three pieces of Personal Information previously provided to us and which we have determined to be reliable for the purpose of verifying identities. In addition, you will be required to submit a signed declaration under penalty of perjury stating that you are the individual whose Personal Information is being requested.
Right to Opt-Out of Sale of Personal Information
If you are a California resident, you have the right to direct businesses to stop selling your Personal Information. We do not sell Personal Information as it is defined in the CCPA.
Right to Non-Discrimination for the Exercise of a California Resident’s Privacy Rights
We will not discriminate against California residents if they exercise any of the rights provided in the CCPA as described in this section “Notice to California Residents.” As such, we will not deny goods or services to that California resident; charge different prices or rates for goods or services, including through the use of discounts or other benefits or imposing penalties; provide a different level or quality of goods or services to the California resident; or suggest that the California resident will receive a different price or rate for goods or services or a different level or quality of goods or services. However, we are permitted to charge a California resident a different price or rate, or provide a different level or quality of goods or services, if that difference is reasonably related to the value provided to us by the individual’s data.
Authorized Agents
If you are submitting a request on behalf of a California resident, please submit the request through one of the designated methods discussed above. After submitting the request, and if the request is not subject to an exemption or exception, we will require additional information to verify your authority to act on behalf of the California resident.
ACCESSIBILITY
We are committed to ensuring this Privacy Policy is accessible to individuals with disabilities. If you wish to access this Privacy Statement in an alternative format, please contact us as described below.
HOW TO CONTACT US
To contact us for questions or concerns about our privacy policies or practices please contact us via any of the following methods:
In writing:
First PREMIER Bank
500 S. Minnesota Avenue
Sioux Falls, SD 57104
By phone: 1-800-501-7547
By email: deposit.services@firstpremier.com