I. CATEGORIES OF INFORMATION WE COLLECT ONLINE AND THROUGH OUR MOBILE
We collect the following categories of personal information when you open an online account, visit oefederal.org, and when you use our applications on your mobile device (please note that some categories overlap):
|A. Identifiers||A real name or alias, postal address, signature, home phone number or mobile Phone number, account number, credit card number, debit card number, or other financial information, browser type, operating system, Internet service provider (“ISP”), Internet Protocol (IP) address, pages that you visit before and after visiting our website, the date and time of your visit, information about the links you click and pages you view on our website, and other standard server log information, email address, account name, Social Security number, driver license number or state identification card number, passport number or other similar identifiers.|
|B. Protected classification characteristics under state or federal law||Date of birth/age, citizenship, marital status, sex (including gender, gender identity, gender expression), veteran or military status.|
|C. Commercial information||Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.|
|D. Biometric information||Physiologicl and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as fingerprints and faceprints.|
|E. Geolocation data||Physical location or movements. For example, city, state, country, and ZIP code associated with your IP address or derived through Wi-Fi triangulation, and, with your permission in accordance with your mobile device settings, and precise geolocation information from GPS-based functionality on your mobile devices.|
|F. Sensory data||Audio, electronic, visual, or similar information.|
|G. Professional or employment-related information.||Current or past job history and salary.|
The Role of Cookies and Other Online Tracking Technologies
“Cookies” are small amounts of data a website can send to a visitor’s web browser. They are often stored on the device you are using to help track your areas of interest. Cookies may also enable us or our service providers and other companies we work with to relate your use of our online services over time to customize your experience. Most web browsers allow you to adjust your browser settings to decline or delete cookies but doing so may degrade your experience with our online services.
Clear GIFs, pixel tags, or web beacons-which are typically one-pixel, transparent images located on a webpage or in an email or other message-or similar technologies may be used on our sites and in some of our digital communications (such as email or other marketing messages). They may also be used when you are served advertisements, or you otherwise interact with advertisements outside of our online services. These are principally used to help recognize users, assess traffic patterns, and measure site or campaign engagement.
Local Shared Objects, sometimes referred to as “flash cookies” may be stored on your hard drive using a media player or other software installed on your device. Local Shared Objects are similar to cookies in terms of their operation but may not be managed in your browser in the same way.
“First party” cookies are stored by the domain (website) you are visiting directly. They allow the website’s owner to collect analytics data, remember language settings, and perform useful functions that help provide a good experience. “Third-party” cookies are created by domains other than the one you are visiting directly, hence the name third-party. They may be used for cross-site tracking, retargeting and ad-serving. We also believe that cookies fall into the following general categories:
- Essential Cookies: These cookies are technically necessary to provide website functionality. They are a website’s basic form of memory, used to store the preferences selected by a user on a given site. As the name implies, they are essential to a website’s functionality and cannot be disabled by users. For example, an essential cookie may be used to prevent users from having to log in each time they visit a new page in the same session.
- Performance and Function Cookies: These cookies are used to enhance the performance and functionality of a website but are not essential to its use. However, without these cookies, certain functions (like videos) may become unavailable.
- Analytics and Customization Cookies: Analytics and customization cookies track user activity, so that website owners can better understand how their site is being accessed and used. Cookies may be used to personalize experience through AdWords.
Online Advertising & Online Behavioral Advertising
You may see advertisements when you use many of our online services. These advertisements may be for our own products or services or for products and services offered by third parties. Which advertisements you see may be determined using the information we or our affiliates, service providers and other companies that we work with have about you, including information about your relationships with us (e.g., types of accounts held, transactional information, location of banking activity). To that end, where permitted by applicable law, we may share with others the information we collect from and about you.
Do Not Track signals
We honor Do Not Track signals and Do Not Track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place.
Third-party service providers in connection with our services or our business purposes
We collect information from third-party service providers that interact with us in connection with the services we perform or for our operational purposes. For example, a third-party service provider that provides us information to help us detect security incidents and fraudulent activity.
Online Banking and Mobile Applications provided by Q2 Holdings, Inc.
II. APP PERMISSIONS AND TRANSMIT PERSONAL INFORMATION
We transmit and handle all personal and sensitive information securely, including transmitting by modern cryptography. For example, utilizing HTTPS.
Application Permissions are required to use that specific feature
- Access to Camera Device for use of Remote Deposit Capture and Identification
- Access for use of Identification
- Access to Location Services for mapping
- External Storage
- Access to Storage for Secure Messaging
- Access to Contacts for use of Zelle Contact Import
III. HOW WE USE YOUR PERSONAL INFORMATION
We may use or disclose personal information we collect for one or more of the following operational or other notified purpose (“business purpose”):
- To fulfill or meet the reason for which the information is provided. For example, you apply for a loan, and we use the information in your loan application to give you the loan.
- To provide you with information, products or services that you request from us.
- To provide you with email alerts, event registrations or other notices concerning our products or services, or events or news, that may be of interest to you.
- To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collections.
- To improve our website and present its contents to you.
- For testing, research, analysis to improve our products and services and for developing new ones.
- To protect the rights, property or safety of us, our employees, our members or others.
- To detect security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity.
- To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
Online or in mobile apps, we will never publicly disclose any personal and sensitive data related to financial or payment activities or any government identification numbers.
IV. SHARING PERSONAL INFORMATION
We disclose your personal information to a third party for a business purpose. When we disclose personal information for a business purpose, we enter a contract that describes the purpose and requires the recipient to keep that personal information confidential and not to use it for any purpose except performing the contract.
We disclose your personal information for a business purpose to the following categories of third-parties:
- Our third-party service providers to process your transactions and maintain your accounts
- Our affiliated websites and businesses in an effort to bring you improved service across our family of products and services, when permissible under relevant laws and regulations
- Other companies to bring you co-branded services, products or programs
- Third parties that help us advertise, products, services or membership with us to you
- Third parties to whom you or your agents authorize us to disclose your personal information in connection with products or services we provide to you
- Third parties or affiliates in connection with a corporate transaction, such as a sale, consolidation or merger of our financial institution or affiliated business; and
V. SELLING PERSONAL INFORMATION
VII. CHILDREN’S ONLINE INFORMATION PRIVACY
Our website is not intended for children under the age of 13. We do not knowingly collect, maintain, or use personally identifiable information from our website about children under the age of 13 without parental consent. For more information about the Children’s Online Privacy Protection Act (COPPA), visit the Federal Trade Commission website: https://.www.ftc.gov
VIII. LINKING TO THIRD-PARTY WEBSITES
We use reasonable physical, electronic, and procedural safeguards that comply with federal standards to protect and limit access to personal information. This includes device safeguards, secured files and buildings and while signed into Online banking, your information is encrypted with a minimum of 125-bit Secure Socket Layer (SSL) encryption.
Please note that information you send to us electronically may not be secure when it is transmitted to us. We recommend that you do not use unsecure channels to communicate sensitive or confidential information (such as your Social Security number) to us.