Analysis

The credit union’s website serves two functions: as a general source of information for members about their credit union and as a link to online account access and bill pay.

GPO Federal Credit Union is committed to protecting the privacy of our members and visitors to our website. We place a high priority on the privacy of your personal financial information. With that in mind, and in accordance with the Federal Trade Commission’s guidelines, we have instituted the following website privacy policy

Procedures

1. Connection Security

a. GPO Federal Credit Union’s encrypted website has security measures in place to protect against access, misuse or alterations of your information. All sensitive transactions use Secure Socket Layer (SSL) encrypted network transmissions. (SSL was created for use in transmitting private information over the Internet and encrypts (converts data into secret code) information exchanged between a Web browser and a Web server). Online loan requests (referral, name and contact information only) are SSL secured. No other encryption is needed. There isn’t any ability to transact or view confidential data.

2. When You Visit Our Website

a. For site management purposes, we collect standard non-identifying information about visits to the website, such as date and time visited and Internet provider (IP). This information is used to compile statistics about the effectiveness of our website. We do not collect any personal information, such as your name or address, during this process.

b. Specifically, we automatically collect and store only the following information when you visit our site:

i. The internet domain (i.e. “xcompany.com” or “yourschool.edu”) and IP address (an IP address is a number that is automatically assigned to your computer whenever you are surfing the web) from which you access our website

ii. The date and time you access our site

iii. The pages you visit and the result of the request, such as an image or query.

iv. Other status codes and values resulting from the Web server responding to the request received: HTTP status code, Windows NT code, number of bytes sent and received, duration (in seconds) to fulfill the request, server port number addressed, and protocol version.

c. This site uses third-party vendor remarketing tracking cookies, including the Google AdWords and Facebook tracking cookie. This means we will continue to show ads to you across the Internet. As always, we respect your privacy and are not collecting any identifiable information through the use of Google’s or any other third-party remarketing system. Third-party vendors, including Google, use cookies to serve ads based on a user’s past visits to your website. This allows us to make special offers and continue to market our services to those who have shown interest in our service. If you want to know when this happens, or to prevent it from happening, you can set your browser to warn you when a website attempts to place a “cookie” on your computer. However, in the implementation of our enhanced login security – which is an added level of online security – we do use cookies to help identify you and the computer that you normally use.

3. Content

a. Services, rates, contact information, marketing materials, privacy policy, loan calculators, links to transactional sites and other links are per policy. Other information that can improve the member’s financial well-being such as identity theft prevention, savings tips, money management techniques, etc. may be placed on the website. In order to encourage member browsing, the credit union may include other types of materials that may be of interest to the member. Materials that a reasonable person would consider offensive or poor in taste will not be placed on the credit union website.

4. Email or Online Forms

a. You choose whether or not to send us email or complete online forms that we have provided for your convenience.

b. Email

i. We preserve members’ email addresses and the contents of the emails so that we may respond to those emails, follow-up on any questions and use suggestions to improve our services. If you send us an email, you should know that email is not secure against interception. Do not include sensitive information like your account number, credit card or Social Security number, and if you prefer not use one of our secure online complaint forms, contact us by postal mail, telephone or personally visiting one of our representatives in our branches.

c. Online Forms

i. We use secure socket layer (SSL) encryption to protect the transmission of information you submit to us when you use our secure online forms. All the information you provide us through these forms is stored securely offline.

ii. When you communicate with us, we collect only the personal information that is necessary to conduct our business. All information you provided us through these forms is stored securely offline. We do not correlate the personal information that you send us with the information that we automatically gather (listed in section one), and we do not create or maintain personal profiles based on any personal information that you submit.

iii. We do not authorize, without your consent, release of any personal information that you submit to any third-party, unless required to do so by law.

5. Mobicint Online Account Access

a. Mobicint is a separate entity. Our third party provider only receives information as permitted by law and is subject to contractual confidentiality provisions restricting any release and use of nonpublic personal information.

6. Mobile Verification Agreement (Text Alerts)

a. When logging into Mobicint online banking, you may receive a pop-up mobile verification agreement. You must accept the mobile verification agreement to continue to use the online banking. By accepting the mobile verification agreement, you are authorizing Mobicint to send you alerts by SMS text message.

b. After enrolling into text alerts, you can stop receiving these alerts by deselecting your email or text preferences within the alerts feature.

c. Your subscribed (alerts) will be sent to the activated mobile phone number that you have provided. Receiving alerts is not a condition of purchase for the online banking service. You agree that we may use automatic telephone dialing systems to send alerts. Message and data rates may apply.

7. Access to Personal Information

a. Because we do not gather or store personal information regarding who visits our site, we have no way for you to access the information that we do gather, nor do so authorize third-parties to access that information.

8. Security of the Information We Gather

a. The information that we gather is stored on our internet provider’s server. It is protected by redundant firewalls. Again, the sharing of this information is only as permitted by law and is subject to contractual confidentiality provisions that restrict the release and use of such information.

9. Enforcement

a. GPO Federal Credit Union has a person on staff who helps us comply with the terms of this policy. Questions regarding this policy should be directed to [email protected], and will be forwarded to our compliance officer. You may also reach us by calling (315) 724-1654.

10. Exclusivity

a. Our site contains links to other sites outside our website. This privacy statement does not apply to those other sites. This privacy statement applies only to information stored at this GPO Federal Credit Union website.

11. Third Party Links

a. GPO Federal Credit Union provides links to websites that may be of interest to our members. Clicking on these links will take you outside of the GPO Federal Credit Union website. GPO Federal Credit Union does not control and is not responsible for the content, availability, privacy or security policies practiced by these third-party websites. We include disclaimers to members when they are re-routed to a non-GPO supported link or website. Websites whose content would not meet the guidelines for permissible information on the credit union’s website should not be linked.

b. External links for GPO FCU website

i. Partners

1. American Safety Council – Online defensive driving: https://home.uceusa.com/registration/Index.aspx?cid=69&host=gpofcu&language=en& lgr=8E25389E-37A9-DE11-BE6F-00C09F3F0F12

2. Auto Financial Group (Payment Saver auto loans): https://secure.autofinancialgroup.com/AFG/index.jsp?CUID=221380761

3. Harland Check reorder: https://www.ordermychecks.com/login_a.jsp

4. Love My Credit Union rewards: www.lovemycreditunion.org (including any sub sites that go along with this program)

5. ScoreCard Rewards: https://www.scorecardrewards.com

6. Value Checking: https://staging.mymembersmarketplace.com/gpofcu/retail

ii. Identity Theft Information

1. Federal Trade Commission (Identity theft): https://www.identitytheft.gov/

iii. Account Access

1. CO-OP Network ATM locator: www.co-opnetwork.org which redirects to https://coopcreditunions.org/locator/?ref=co-opatm.org&sc=1

2. CUC Online Mortgage Center: https://gpofcu.mortgagewebcenter.com

3. Mobicint online account access: https://mobicint.net/gpo/login

4. Mobicint online loan application: https://www.mobicint.net/gpo/login/loanapp

5. Online Bill Pay: https://www.gpofcu.com/access_billpay.html

6. ShareNet ATM locations: http://www.sharenetatm.com/locations.php

iv. Other

1. Adobe Acrobat Reader (link to download): http://www.adobe.com/products/acrobat/readstep2.html

2. Annual Credit Report: http://www.annualcreditreport.com

3. Financial calculators (via NYCUA): http://www.creditunionsforyou.com/calculators.html

4. GrooveCar: https://gpofcu.groovecar.com

5. NCUA brochure – Your Insured Funds: http://www.ncua.gov/Publications/brochures/insured_funds/funds.pdf

6. NCUA Share estimator: http://webapps.ncua.gov/ins/

7. Verified by Visa: https://usa.visa.com/personal/security/vbv/index.html?ep=v_sym_verifie

12. Website Changes

a. All website changes must be authorized by the VP of Marketing and Business Development. When the changes are made, they will be given documentation to review and sign off on to approve the changes. The credit union will maintain a binder and spreadsheet indicating all approved changes to the website.

13. Compliance

a. It is necessary for the credit union’s website to be in compliance with all applicable state and Federal laws as well as NCUA and American with Disabilities Act rules and regulations. As part of its ongoing compliance, the credit union will ensure the following:

i. The website will be updated to reflect applicable changes in policy and procedures.

ii. Online advertisements will be reviewed for rate accuracy and proper disclosure requirements.

iii. The rates page will be reviewed on an ongoing basis and will be immediately updated when rates change.

iv. The fee schedule page will be reviewed on an ongoing basis and will be immediately updated when fees change (we link to our fee schedule).

v. On a quarterly basis, the credit union will review all pages and links for accuracy.

vi. Annually a website audit will be performed by either internal or external personnel. b. The GPO Federal Credit Union website is reviewed during the IT review and audit.

 

Date Created: N/A

Date Revised: 11/21/2021

Date Approved by BOD: 1/31/2022