Privacy Policy

CEFCU’s Privacy Policy

Citizens Equity First Credit Union ("CEFCU") and its wholly-owned subsidiary, CEFCU Financial Services®, Inc., (together, "we" or "our") are committed to keeping personal financial information about you, your accounts, and your transactions confidential as required by federal and state laws and the CEFCU Bylaws. This Privacy Policy applies to all visitors, users, and others who do not reside in the State of California ("you" or "your"). Visitors, users, and others who reside in the State of California see CEFCU's Privacy Policy for California Residents. This Privacy Policy explains our privacy policies and practices regarding the information we collect from or about you, how we protect that information, the sharing of that information to better serve your financial needs, and your choices about our sharing that information.

FACTS	WHAT DO WE DO WITH YOUR PERSONAL INFORMATION?
Why?	Financial companies choose how they share your personal information. Federal law gives consumers the right to limit some but not all sharing. Federal law also requires us to tell you how we collect, share, and protect your personal information. Please read this CEFCU Privacy Policy carefully to understand what we do.
What?	The types of personal information we collect and share depend on the product or service you have with us. This information can include: Social Security number and income Credit-based insurance scores Account balances and payment history Credit history and assets
How?	All financial companies need to share members’/customers’ personal information to run their everyday business. In the section below, we list the reasons financial companies can share their members’/customers’ personal information; the reasons we choose to share; and whether you can limit this sharing.

Reasons we can share your personal information	Does CEFCU share?	Can you limit this sharing?
For our everyday business purposes – such as to process your transactions, maintain your account(s), respond to court orders and legal investigations, or report to credit bureaus	YES	NO
For our marketing purposes – to offer our products and services to you	YES	NO
For joint marketing with other financial companies	YES	NO
For our affiliates’ everyday business purposes – information about your transactions and experiences	YES	NO
For our affiliates’ everyday business purposes – information about your creditworthiness or insurability	YES	YES
For our affiliates to market to you	YES	YES
For nonaffiliates to market to you	NO	WE DON’T SHARE

To limit our sharing, mail the Mail-in Form (PDF, 74 KB)
REMEMBER: If you previously opted out, you do not need to do so again. Your choice(s) will apply until you tell us to change your choice(s). Please note: If you are a new member/customer, we can begin sharing your information 30 days from the date we sent you an initial privacy notice. When you are no longer our member/policyholder, we continue to share your information as described in this California Privacy Policy. However, you can contact us at any time to limit our sharing. You may do so by writing us a letter and mailing it to: Citizens Equity First Credit Union Compliance Department 5401 W. Dirksen Parkway P.O. Box 1715 Peoria, IL 61607
Questions? Call toll-free 1.800.633.7077 or go to cefcu.com.

To limit our sharing, mail the Mail-in Form (PDF, 74 KB)

REMEMBER: If you previously opted out, you do not need to do so again. Your choice(s) will apply until you tell us to change your choice(s).

Please note:
If you are a new member/customer, we can begin sharing your information 30 days from the date we sent you an initial privacy notice. When you are no longer our member/policyholder, we continue to share your information as described in this California Privacy Policy.

However, you can contact us at any time to limit our sharing. You may do so by writing us a letter and mailing it to:

Citizens Equity First Credit Union
Compliance Department
5401 W. Dirksen Parkway
P.O. Box 1715
Peoria, IL 61607

Questions? Call toll-free 1.800.633.7077 or go to cefcu.com.

Who we are
Who is providing this Privacy Policy? CEFCU and CEFCU Financial Services, Inc.

What we do
How does CEFCU protect my personal information?	To protect your personal information from unauthorized access and use, we use security measures that comply with federal law. These measures include computer safeguards, secured files and buildings, and restricted access to your personal information.
How does CEFCU collect my personal information?	We collect your personal information, for example, when you: open an account or deposit money apply for insurance pay your bills or apply for a loan pay insurance premiums use your credit or debit card We also collect your personal information from others, such as credit bureaus, affiliates, or other companies.
Why can’t I limit all sharing?	Federal law gives you the right to limit only: sharing for affiliates’ everyday business purposes – information about your creditworthiness affiliates from using your information to market to you sharing for nonaffiliates to market to you State laws and individual companies may give you additional rights to limit sharing. See below for more on your rights under state law.
What happens when I limit sharing for an account/policy I hold jointly with someone else?	Your choices will apply to everyone on your account/policy – unless you tell us otherwise.

Definitions
Affiliates	Companies related by common ownership or control: They can be financial and nonfinancial companies. Our affiliates are: CEFCU Financial Services, Inc. MEMBERS™ Trust Company
Nonaffiliates	Companies not related by common ownership or control: They can be financial and nonfinancial companies. Nonaffiliates we share with can include financial service providers, such as securities broker-dealers and insurance companies or agents; and non-financial companies, such as retailers, direct marketing companies, airlines, and publishers.
Joint marketing	A formal agreement between nonaffiliated financial companies that together market financial products or services to you. Our joint marketing partners include securities broker-dealers and insurance companies.

Definitions

Affiliates

Companies related by common ownership or control: They can be financial and nonfinancial companies.

Our affiliates are:

CEFCU Financial Services, Inc.
MEMBERS™ Trust Company

Nonaffiliates

Companies not related by common ownership or control: They can be financial and nonfinancial companies.

Nonaffiliates we share with can include financial service providers, such as securities broker-dealers and insurance companies or agents; and non-financial companies, such as retailers, direct marketing companies, airlines, and publishers.

Joint marketing

A formal agreement between nonaffiliated financial companies that together market financial products or services to you.

Our joint marketing partners include securities broker-dealers and insurance companies.

Information Collection

We do not collect any personally identifiable information on our website unless you submit the information or give your consent. We use website monitoring software to gather aggregate information about our visitors’ browsing activities in order to improve our website and better serve our members/consumers. We use this data to analyze trends, track visitor movement, and gather demographic information. IP addresses are not linked to personally identifiable information. We provide calculators and other online tools to assist visitors in making financial decisions. These tools do not collect or store any information entered by web visitors. Applications for services, accounts, or loans you submit through Online Banking, Open an Account, and/or Apply for a Loan and forms that you complete and submit on our website are protected in accord with this Privacy Policy.

We do not knowingly collect any personally identifiable information from children under age 13 on our website.

When you log in to Online Banking, Open an Account, and/or Apply for a Loan, your identity is no longer anonymous; each username corresponds to a specific member/consumer and that information is collected and retained. To ensure the security of your accounts and information, all actions are monitored and tracked. You should never share your username and/or password with another person to ensure the security and privacy of your accounts and information. Refer to the Online Banking, Open an Account, and/or Apply for a Loan disclosures for complete privacy, security, and usage information.

Security Procedures

We understand the confidential and secure nature of your personal and financial data and have multiple security measures in place. Applications for services, account(s) or loan(s) that you submit through Online Banking, Open an Account, or Apply for a Loan and forms that you complete and submit on our website are submitted through secure, encrypted web pages. You can verify the security of a web page by looking for the “locked padlock” icon which most browsers display as a sign of a secure web page. To ensure the encryption of your web visit, you should ensure that you are using the most current web browser available. When you have logged in to Online Banking, Open an Account, or Apply for a Loan, all transactions and information are secure. We utilize the latest in technology to monitor Online Banking, Open an Account, and Apply for a Loan activity to protect your transactions and information. Built-in security measures include a session time-out (your Online Banking, Open an Account, or Apply for a Loan session will automatically log out after a period of inactivity), log in error lockout (after repeated incorrect log in attempts), and multi-factor authentication to verify your identity before you can log in.

Cookies

In order to provide certain Web-based services and to make your online experience more personalized, we may use cookies as part of our interaction with your Internet browser. A cookie is a very small piece of information stored on your local computer so it can later be read by our Web server. We use cookies to display information more effectively to you and to gather data about usage of our website. Cookies allow us to collect technical and navigational information — such as browser type, time spent on our website, and pages visited or track activity relating to our online promotions. This information is anonymous and does not include personal information. We retain, aggregate, monitor, and analyze the use of our website so we can continually improve the design, usability, and functionality to better serve you.

You can disable and delete cookies by accessing your browser’s preferences menu; however, you should be aware that when cookies are disabled, other online account services we provide, like Online Banking, may not work properly. For more information on working with cookies, consult the Help function of your browser.

Links to Other Websites

We are committed to providing you with the most complete information possible to help you make sound financial decisions. As a convenience to you, we may link from our website to other websites or Internet resources operated by third parties. When you link from our website to a third-party website, the linked website will appear in a new browser window or an alert will appear to notify you that you are leaving our website.

Links to third-party websites are solely for informational purposes and should not be construed as our endorsement or guarantee of the information or services provided on the linked website. We do not control third-party websites and are not responsible for the content on linked websites. Third-party website privacy, security, and other policies may differ from this Privacy Policy. Please review a linked website’s policies before providing personal information on that website.

Interruption of Service

At certain times, cefcu.com, Online Banking, Open an Account, and/or Apply for a Loan may be unavailable due to system maintenance or circumstances beyond our control. We conduct frequent and regular backups of your information and utilize redundant information practices to protect your information from being lost, altered, or corrupted due to unforeseen equipment malfunctions.

Changes to Privacy Policy

We reserve the right to amend this Privacy Policy at our discretion and at any time. When we make changes to this Privacy Policy, we will post the updated Privacy Policy on our website and update the effective date. Your continued use of our website or any product or service we provide following the posting of changes constitutes your acceptance of such changes.

Contact Information

If you have any questions or comments about this Privacy Policy, please contact us at:

Citizens Equity First Credit Union
            Compliance Department
            P.O. Box 1715
            Peoria, IL 61656-9989

Effective Date: January 1, 2020.

CEFCU’s Privacy Policy for California Residents

Citizens Equity First Credit Union (“CEFCU”) and its wholly-owned subsidiary, CEFCU Financial Services®, Inc., (together, “we” or “our”) are committed to keeping personal financial information about you, your accounts, and your transactions confidential as required by federal and state laws and the CEFCU Bylaws. This Privacy Policy for California Residents (“California Privacy Policy”) applies to all visitors, users, and others who reside in the State of California (“you” or “your”). This California Privacy Policy explains our privacy policies and practices regarding the information we collect from or about you, how we protect that information, the sharing of that information to better serve your financial needs, and your choices about our sharing that information. We adopt this California Privacy Policy to comply with the California Consumer Privacy Act of 2018 (“CCPA”) and any terms defined in the CCPA have the same meaning when used in this California Privacy Policy. If you have a disability, please visit our Accessibility Help page at https://www.cefcu.com/accessibility-help.html.

FACTS	WHAT DO WE DO WITH YOUR PERSONAL INFORMATION?
Why?	Financial companies choose how they share your personal information. Federal law gives consumers the right to limit some but not all sharing. Federal law also requires us to tell you how we collect, share, and protect your personal information. Please read this California Privacy Policy carefully to understand what we do.
What?	The types of personal information we collect and share depend on the product or service you have with us. This information can include: Social Security number and income Credit-based insurance scores Account balances and payment history Credit history and assets
How?	All financial companies need to share members’/customers’ personal information to run their everyday business. In the section below, we list the reasons financial companies can share their members’/customers’ personal information; the reasons we choose to share; and whether you can limit this sharing.

Reasons we can share your personal information	Does CEFCU share?	Can you limit this sharing?
For our everyday business purposes – such as to process your transactions, maintain your account(s), respond to court orders and legal investigations, or report to credit bureaus	YES	NO
For our marketing purposes – to offer our products and services to you	YES	NO
For joint marketing with other financial companies	YES	NO
For our affiliates’ everyday business purposes – information about your transactions and experiences	YES	NO
For our affiliates’ everyday business purposes – information about your creditworthiness or insurability	YES	YES
For our affiliates to market to you	YES	YES
For nonaffiliates to market to you	NO	WE DON’T SHARE

To limit our sharing, mail the Mail-in Form (PDF, 74 KB)
REMEMBER: If you previously opted out, you do not need to do so again. Your choice(s) will apply until you tell us to change your choice(s). Please note: If you are a new member/customer, we can begin sharing your information 30 days from the date we sent you an initial privacy notice. When you are no longer our member/policyholder, we continue to share your information as described in this California Privacy Policy. However, you can contact us at any time to limit our sharing. You may do so by writing us a letter and mailing it to: Citizens Equity First Credit Union Compliance Department 5401 W. Dirksen Parkway P.O. Box 1715 Peoria, IL 61607
Questions? Call toll-free 1.800.633.7077 or go to cefcu.com.

To limit our sharing, mail the Mail-in Form (PDF, 74 KB)

REMEMBER: If you previously opted out, you do not need to do so again. Your choice(s) will apply until you tell us to change your choice(s).

Please note:
If you are a new member/customer, we can begin sharing your information 30 days from the date we sent you an initial privacy notice. When you are no longer our member/policyholder, we continue to share your information as described in this California Privacy Policy.

However, you can contact us at any time to limit our sharing. You may do so by writing us a letter and mailing it to:

Citizens Equity First Credit Union
Compliance Department
5401 W. Dirksen Parkway
P.O. Box 1715
Peoria, IL 61607

Questions? Call toll-free 1.800.633.7077 or go to cefcu.com.

Who we are
Who is providing this California Privacy Policy? CEFCU and CEFCU Financial Services, Inc.

What we do
How does CEFCU protect my personal information?	To protect your personal information from unauthorized access and use, we use security measures that comply with federal law. These measures include computer safeguards, secured files and buildings, and restricted access to your personal information.
How does CEFCU collect my personal information?	We collect your personal information, for example, when you: open an account or deposit money apply for insurance pay your bills or apply for a loan pay insurance premiums use your credit or debit card We also collect your personal information from others, such as credit bureaus, affiliates, or other companies.
Why can’t I limit all sharing?	Federal law gives you the right to limit only: sharing for affiliates’ everyday business purposes – information about your creditworthiness affiliates from using your information to market to you sharing for nonaffiliates to market to you State laws and individual companies may give you additional rights to limit sharing. See below for more on your rights under state law.
What happens when I limit sharing for an account/policy I hold jointly with someone else?	Your choices will apply to everyone on your account/policy – unless you tell us otherwise.

Definitions
Affiliates	Companies related by common ownership or control: They can be financial and nonfinancial companies. Our affiliates are: CEFCU Financial Services, Inc. MEMBERS™ Trust Company
Nonaffiliates	Companies not related by common ownership or control: They can be financial and nonfinancial companies. Nonaffiliates we share with can include financial service providers, such as securities broker-dealers and insurance companies or agents; and non-financial companies, such as retailers, direct marketing companies, airlines, and publishers.
Joint marketing	A formal agreement between nonaffiliated financial companies that together market financial products or services to you. Our joint marketing partners include securities broker-dealers and insurance companies.

Definitions

Affiliates

Companies related by common ownership or control: They can be financial and nonfinancial companies.

Our affiliates are:

CEFCU Financial Services, Inc.
MEMBERS™ Trust Company

Nonaffiliates

Companies not related by common ownership or control: They can be financial and nonfinancial companies.

Nonaffiliates we share with can include financial service providers, such as securities broker-dealers and insurance companies or agents; and non-financial companies, such as retailers, direct marketing companies, airlines, and publishers.

Joint marketing

A formal agreement between nonaffiliated financial companies that together market financial products or services to you.

Our joint marketing partners include securities broker-dealers and insurance companies.

Other Important Information

California law limits our sharing your personal and financial information: (1) with a nonaffiliated third party unless you give us your prior written consent; and (2) with our affiliates or with outside companies we enter into joint marketing with to provide products and services unless we give you an “Important Privacy Choices for Consumers” notice and you do not say “No”. The “Important Privacy Choices for Consumers” notice is provided at the time you open your account and sent to you annually.

Security Procedures

We understand the confidential and secure nature of your personal and financial data and have multiple security measures in place. Applications for services, account(s) or loan(s) that you submit through Online Banking, Open an Account, or Apply for a Loan and forms that you complete and submit on our website are submitted through secure, encrypted web pages. You can verify the security of a web page by looking for the “locked padlock” icon which most browsers display as a sign of a secure web page. To ensure the encryption of your web visit, you should ensure that you are using the most current web browser available. When you have logged in to Online Banking, Open an Account, or Apply for a Loan, all transactions and information are secure. We utilize the latest in technology to monitor Online Banking, Open an Account, and Apply for a Loan activity to protect your transactions and information. Built-in security measures include a session time-out (your Online Banking, Open an Account, or Apply for a Loan session will automatically log out after a period of inactivity), log in error lockout (after repeated incorrect log in attempts), and multi-factor authentication to verify your identity before you can log in.

Cookies

In order to provide certain Web-based services and to make your online experience more personalized, we may use cookies as part of our interaction with your Internet browser. A cookie is a very small piece of information stored on your local computer so it can later be read by our Web server. We use cookies to display information more effectively to you and to gather data about usage of our website. Cookies allow us to collect technical and navigational information — such as browser type, time spent on our website, and pages visited or track activity relating to our online promotions. This information is anonymous and does not include personal information. We retain, aggregate, monitor, and analyze the use of our website so we can continually improve the design, usability, and functionality to better serve you.

You can disable and delete cookies by accessing your browser’s preferences menu; however, you should be aware that when cookies are disabled, other online account services we provide, like Online Banking, may not work properly. For more information on working with cookies, consult the Help function of your browser.

Links to Other Websites

We are committed to providing you with the most complete information possible to help you make sound financial decisions. As a convenience to you, we may link from our website to other websites or Internet resources operated by third parties. When you link from our website to a third-party website, the linked website will appear in a new browser window or an alert will appear to notify you that you are leaving our website.

Links to third-party websites are solely for informational purposes and should not be construed as our endorsement or guarantee of the information or services provided on the linked website. We do not control third-party websites and are not responsible for the content on linked websites. Third-party website privacy, security, and other policies may differ from this California Privacy Policy. Please review a linked website’s policies before providing personal information on that website.

Information Collection

We do not collect any personally identifiable information on our website unless you submit the information or give your consent. We use website monitoring software to gather aggregate information about our visitors’ browsing activities in order to improve our website and better serve our members/consumers. We use this data to analyze trends, track visitor movement, and gather demographic information. IP addresses are not linked to personally identifiable information. We provide calculators and other online tools to assist visitors in making financial decisions. These tools do not collect or store any information entered by web visitors. Applications for services, accounts, or loans you submit through Online Banking, Open an Account, and/or Apply for a Loan and forms that you complete and submit on our website are protected in accord with this California Privacy Policy.

We do not knowingly collect any personally identifiable information from children under age 13 on our website.

When you log in to Online Banking, Open an Account, and/or Apply for a Loan, your identity is no longer anonymous; each username corresponds to a specific member/consumer and that information is collected and retained. To ensure the security of your accounts and information, all actions are monitored and tracked. You should never share your username and/or password with another person to ensure the security and privacy of your accounts and information. Refer to the Online Banking, Open an Account, and/or Apply for a Loan disclosures for complete privacy, security, and usage information.

Information We Collect

As hereinafter referred to in this California Privacy Policy, “personal information” means information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer, household, or device. Personal information does not include:

Publicly available information from government records.
Deidentified or aggregated consumer information.
Information excluded from the CCPA’s scope, like:
- health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data;
- personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FCRA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994.

Below is a list of categories of personal information specified in the CCPA and an indication whether or not we have collected that information about individual consumers through our website, online services, or otherwise within the last 12 months:

Category	Examples	Collected
A. Identifiers.	A real name, alias, postal address, unique personal identifier, online identifier, internet protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers.	YES
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).	A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories.	YES
C. Protected classification characteristics under California or federal law.	Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).	YES
D. Commercial information.	Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.	YES
E. Biometric information.	Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.	NO
F. Internet or other electronic network activity information.	Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.	YES
G. Geolocation data.	Physical location or movements.	YES
H. Sensory data.	Audio, electronic, visual, thermal, olfactory, or similar information.	YES
I. Professional or employment-related information.	Current or past job history or performance evaluations.	YES
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. § 1232g; 34 C.F.R. Part 99)).	Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.	NO
K. Inferences drawn from other personal information.	Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.	YES

For each category of personal information collected in the preceding 12 months, the categories of sources from which that personal information was collected, the business or commercial purpose(s) for which that personal information was collected, and the categories of third parties with whom we share that personal information are as follows:

Category	Categories of sources from which personal information was collected	Business or commercial purpose(s) for which personal information was collected	Categories of third parties with whom personal information was shared
A. Identifiers.	Directly from you. For example, from applications and forms provided by us or on our website that you begin and/or complete and submit to us. Indirectly from you. For example, from interaction with our website, communications with us in person, by telephone, email and/or in writing and your communications about us on social media. From other financial companies and our affiliates.	For any of the uses listed under “Use of Personal Information” below.	Other financial companies and our affiliates.
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).	Directly from you. For example, from applications and forms provided by us or on our website that you begin and/or complete and submit to us. Indirectly from you. For example, from interaction with our website, communications with us in person, by telephone, email and/or in writing and your communications about us on social media. From other financial companies and our affiliates.	For any of the uses listed under “Use of Personal Information” below.	Other financial companies and our affiliates.
C. Protected classification characteristics under California or federal law.	Directly from you. For example, from your Mortgage, Home Equity Loan and Line of Credit, or Hybrid Home Equity Line of Credit applications and forms provided by us or on our website that you begin and/or complete and submit to us.	For the purpose for which you provided the information. For our everyday business purposes – such as to process your transactions, maintain your account(s), respond to court orders and legal investigations, or report to credit bureaus and governmental agencies.	Governmental agencies.
D. Commercial information.	Directly from you. For example, from applications and forms for loans, accounts, and services you begin and/or complete and submit to us. Indirectly from you. For example, from credit bureaus.	For the purpose for which you provided the information. For our everyday business purposes – such as to process your transactions, maintain your account(s), respond to court orders and legal investigations, or report to credit bureaus and governmental agencies.	Other financial companies and our affiliates.
F. Internet or other electronic network activity information.	Indirectly from you. For example, from interaction with our website.	To provide you with products and services. To verify your identity, such as when you access your account or your account information, and to help prevent fraud on your account.	None.
G. Geolocation data.	Directly from you. For example, when you register for credit and/or debit card alerts. Indirectly from you. For example, when you visit our website.	To verify your identity, such as when you access your account or your account information, and to help prevent fraud on your account. To track your location so we can direct you to our nearest Member Center or ATM.	None.
H. Sensory data.	Indirectly from you. For example, from your phone calls to our Member Center or Contact Center and your personal visits to our Member Center or ATMs.	To verify your identity, such as when you access your account or your account information, and to help prevent fraud on your account. For our everyday business purposes – such as to process your transactions, maintain your account(s), respond to court orders and legal investigations, or report to credit bureaus and governmental agencies.	None.
I. Professional or employment-related information.	Directly from you. For example, from applications and forms provided by us or on our website that you begin and/or complete and submit to us.	For any of the uses listed under “Use of Personal Information” below.	Other financial companies and our affiliates.
K. Inferences drawn from other personal information.	Indirectly from you. For example, from interaction with our website.	For our marketing purposes – to offer our products and services to you, including using your behavior to shape messages you see for displaying advertising.	None.

Use of Personal Information

We may use or disclose the personal information we collect for one or more of the following purposes:

For the purpose for which you provided the information. For example, if you share your name and contact information to ask a question about our products or services, we will use that personal information to respond to your inquiry. If you provide your personal information to open an account, we will use that information to open your account. We may also save your information to facilitate providing services to you.
To provide you with products and services.
For our everyday business purposes – such as to process your transactions, maintain your account(s), respond to court orders and legal investigations, or report to credit bureaus and governmental agencies.
To provide you with support and to respond to your inquiries, including to investigate and address your concerns.
To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us is among the assets transferred.
To verify your identity, such as when you access your account or your account information, and to help prevent fraud on your account.
To send you important information regarding our website, change in terms, conditions and/or policies.
For our marketing purposes – to offer our products and services to you, including using behavior to shape messages you see for displaying advertising.
For joint marketing with other financial companies and our affiliates.
To track your location so we can direct you to our nearest Member Center or ATM.
As described to you when collecting your personal information or as otherwise set forth in the CCPA.

We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice.

Sharing Personal Information

We may disclose your personal information to a third party for a business purpose. When we disclose personal information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the contract.

Disclosures of Personal Information for a Business Purpose

In the preceding 12 months, we have disclosed the following categories of personal information to third parties for a business purpose:

Category A: Identifiers.

Category B: California Customer Records personal information categories.

Category C: Protected classification characteristics under California or federal law.

Category D: Commercial information.

Category I: Professional or employment-related information.

We disclose your personal information for a business purpose to the following categories of third parties:

Other financial companies.
Our affiliates.

Sales of Personal Information

We have not sold personal information of any consumers in the preceding 12 months, and we will not sell personal information of any consumers in the future.

Your Rights and Choices

The CCPA provides consumers with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.

Access to Specific Information and Data Portability Rights

You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and confirm your verifiable consumer request (see Exercising Access, Data Portability, and Deletion Rights), we will disclose to you:

The categories of personal information we collected about you.
The categories of sources for the personal information we collected about you.
Our business or commercial purpose for collecting or selling that personal information.
The categories of third parties with whom we share that personal information.
The specific pieces of personal information we collected about you (also called a data portability request).
If we sold your personal information or disclosed it for a business purpose, two separate lists disclosing:
- the categories of personal information that we sold about you and the categories of third parties to whom the personal information was sold, by category or categories of personal information for each category of third parties to whom the personal information was sold; and
- the categories of personal information that we disclosed about you for a business purpose and the categories of third parties to whom the personal information was disclosed for a business purpose, by category or categories of personal information for each category of third parties to whom the personal information was disclosed for a business purpose.

Deletion Request Rights

You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request (see Exercising Access, Data Portability, and Deletion Rights), we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.

We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:

Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, or otherwise perform our contract with you.
Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
Debug products to identify and repair errors that impair existing intended functionality.
Exercise free speech, ensure the right of another consumer to exercise that consumer’s free speech rights, or exercise another right provided for by law.
Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.).
Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
Comply with a legal obligation.
Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

Exercising Access, Data Portability, and Deletion Rights

To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us by either:

Calling us at 1-888-556-7376.
Visiting https://www.cefcu.com/forms/contact/ccpa

Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child. You can designate an authorized agent to make a request under the CCPA on your behalf by granting the authorized agent written permission to do so (in which case we may require you to verify your identity directly to us) or by providing the authorized agent with power of attorney pursuant to California Probate Code sections 4000 to 4465.

You may only make a verifiable consumer request for access or data portability twice within a 12-month period.

The verifiable consumer request to exercise access, data portability, or deletion rights must:

Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative, which may include:
- Account Number (if current member)
- ID Number (if current member)
- Name
- Address
- Date of Birth
- Phone Number
- Place of Employment
- A signed declaration under penalty of perjury that the requestor is the consumer whose personal information is the subject of the request if we are unable to successfully verify your identity
Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you.

Making a verifiable consumer request does not require you to create an account with us. However, we do consider requests made through your password protected account sufficiently verified when the request relates to personal information associated with that specific account.

We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

Response Timing and Format

We will confirm receipt of a verifiable consumer request within 10 days of our receipt of the verifiable consumer request and provide information about our verification process and when you should expect a response, except in instances where we have already granted or denied the request. We endeavor to respond to a verifiable consumer request within 45 days of its receipt. If we require more time, we will inform you of the reason and extension period (which can be up to 90 days from receipt) in writing.

If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.

Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

Non-Discrimination

For exercising any of your rights under the CCPA, we will not discriminate against you by:

Denying you goods or services.
Charging you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
Providing you a different level or quality of goods or services.
Suggesting that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

We do not currently provide financial incentives for the collection, sale, or deletion of personal information. However, the CCPA allows us to offer you certain financial incentives permitted by the CCPA that could result in different prices, rates, or quality levels. Any CCPA-permitted financial incentive we might offer in the future would reasonably relate to your personal information’s value and contain written terms that describe the program’s material aspects. Participation in a financial incentive program that we might offer in the future requires your prior opt in consent, which you may revoke at any time.

Other California Privacy Rights

California’s “Shine the Light” law (Civil Code § 1798.83) permits users of our website that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email to dirrera@cefcu.com or write us at: Citizens Equity First Credit Union, Compliance Department, P.O. Box 1715, Peoria, IL 61656-9989.

In accordance with the requirements of the California Online Privacy Protection Act (Business and Professions Code §§ 22575 to 22579), we disclose the following:

CEFCU's first-party, proprietary software does not capture personally-identifiable information unless the user is prompted (e.g. forms inquiring about personal information in order to open accounts, set appointments with Member Centers, etc.). Although CEFCU does not control how third-party software tracks personally-identifiable information, we work closely with our third-party providers to ensure members’ (and non-members') information is secure. Such third-party software include our Online Loan Application and Online Banking.
CEFCU's first-party, proprietary software does not share personally-identifiable information with other parties. Although CEFCU does not control how third-party software shares personally-identifiable information with outside parties, we work closely with our third-party providers to ensure members' (and non-members') information is secure.

Interruption of Service

At certain times, cefcu.com, Online Banking, Open an Account, and/or Apply for a Loan may be unavailable due to system maintenance or circumstances beyond our control. We conduct frequent and regular backups of your information and utilize redundant information practices to protect your information from being lost, altered, or corrupted due to unforeseen equipment malfunctions.

Changes to California Privacy Policy

We reserve the right to amend this California Privacy Policy at our discretion and at any time. When we make changes to this California Privacy Policy, we will post the updated California Privacy Policy on our website and update the effective date. Your continued use of our website or any product or service we provide following the posting of changes constitutes your acceptance of such changes.

Contact Information

If you have any questions or comments about this California Privacy Policy, the ways in which we collect and use your information described here, your choices and rights regarding such use, or wish to exercise your rights under California law, please contact us at:

Phone: 1-888-556-7376

Postal Address:

Citizens Equity First Credit Union
            Compliance Department
            P.O. Box 1715
            Peoria, IL 61656-9989

Effective Date: January 1, 2020.

Last Reviewed on: December 31, 2019

CEFCU’s Privacy Policy for CEFCU Mobile Banking Application

Last updated on May 27, 2022

CEFCU’s Privacy Policy for CEFCU Mobile Banking Application (“Privacy Policy”) describes Our policies and procedures that apply to the access, collection, use, sharing, and disclosure of Your Personal and Sensitive Information when You use the Service and tells You about Your privacy rights and how the law protects You.

We access, collect, use, share, and disclose Your Personal and Sensitive Information solely to provide and improve the Service. By using the Service, You agree to the access, collection, use, sharing, and disclosure of Your Personal and Sensitive Information in accordance with this Privacy Policy.

This Privacy Policy DOES NOT apply to information that:

We collect offline or on cefcu.com.
You provide to or is collected on websites You may access through the Service.
You provide to or is collected by any third party other than a Service Provider.

These third parties may have their own privacy policies, which we encourage You to read before providing information on or through them.

Application Permissions

In order to provide certain features of the Application, the Application will request Your prior permission to access Your Device as follows:

Permission to Access and Collect Information from Your Device’s:	Purpose for Permission	What Happens If You Don’t Give or You Revoke Your Permission?
Contacts
Read your contacts	Person to Person payment. Recipient contact information used to facilitate payment transfer.	You won’t be able to select recipient contact information, requiring manual entry of contact information.
Location
Approximate location (network-based)	Maps. Location is used to populate map and to improve and customize Our Service.	Map will default to a location that may not be device location.
Precise location (GPS and network-based)	Maps. Location is used to populate map and to improve and customize Our Service.	Map will default to a location that may not be device location.
Photos/Media/Files
Read the contents of your USB storage	eStatements, Secure Message attachments. Attachments received through download are saved on device	Device may not be able to confirm available storage to download, save and/or access the attachment and/or document requested.
Modify or delete the contents of your USB storage	eStatements, Secure Message attachments. Attachments received through download are saved on device	Device may not be able to confirm available storage to download, save and/or access the attachment and/or document requested.
Storage
Read the contents of your USB storage	eStatements, Secure Message attachments. Attachments received through download are saved on device	User may not be able to download and/or save attachment and/or document requested.
Modify or delete the contents of your USB storage	eStatements, Secure Message attachments. Attachments received through download are saved on device	User may not be able to download and/or save attachment and/or document requested.
Camera
Take pictures and videos	Mobile Check Deposit. Picture taken for Mobile Check Deposit is used/shared to process item.	You won’t be able to take a picture of an item; therefore, you won’t be able to use Mobile Check Deposit to deposit Your check.
Wi-Fi connection information
View Wi-Fi connections	Access internet connection. The Application requires internet connection to update information	If network status is unavailable or Device is offline, the Application will not be able to load/start.
Other	Update application and send/receive information. Account information is sent/received.	If network status is unavailable or Device is offline, the Application will not be able to load/start.
Receive data from Internet	Update application and send/receive information. The Application requires internet connection to update information.	If network status is unavailable or Device is offline, the Application will not be able to load/start.
View network connections	Access internet connection. The Application requires internet connection to update information.	If network status is unavailable or Device is offline, the Application will not be able to load/start.
Full network access	Access internet connection. The Application requires internet connection to update information	If network status is unavailable or Device is offline, the Application will not be able to load/start.
Prevent device from sleeping	Allow user to stay in session. Application has a timeout set – allows	Device status may enter rest mode but Application runs in background and eventually will timeout.

You can enable or disable Your permissions to access and collect information from Your Device at any time, through Your Device’s settings.

Interpretation and Definitions

Interpretation

The words of which the initial letter is capitalized have meanings defined under the following conditions. The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.

Definitions

For the purposes of this Privacy Policy:

"Account" means a unique account created for You to access the Service or parts of the Service.
"Application" means the software program provided by CEFCU downloaded by You on any electronic device, named CEFCU Mobile Banking.
"CEFCU" (referred to as either "CEFCU", "We", "Us" or "Our" in this Privacy Policy) refers to Citizens Equity First Credit Union.
"Country" refers to the United States.
"Cookies" are small files that are placed on Your computer, mobile device, or any other device by a website, containing the details of Your browsing history on that website among its many uses.
"Device" means any device that can access the Service such as a computer, a cell phone, or a digital tablet.
"Personal and Sensitive Information" is any information that relates to an identified or identifiable individual, including but not limited to personally identifiable information, financial and payment information, authentication information, phonebook, contacts, device location, SMS and call related data, inventory of other apps on the device, microphone, camera, and other sensitive device or usage data.
"Service" refers to the Application and the Application’s Website.
"Service Provider" means any natural or legal person who processes data on behalf of CEFCU. It refers to third-party companies or individuals employed by CEFCU to facilitate the Service, to provide the Service on behalf of CEFCU, to perform services related to the Service, or to assist CEFCU in analyzing how the Service is used.
"Usage Data" refers to data collected automatically, either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).
"You" means the individual accessing or using the Service, or CEFCU, or other legal entity on behalf of which such individual is accessing or using the Service, as applicable.

Collecting and Using Your Personal and Sensitive Information

Types of Personal and Sensitive Information We Collect in the Service

Personal and Sensitive Information You Provide to Us

While using the Service, We may ask You to provide Us with certain personally identifiable information that can be used to contact or identify You. Personally identifiable information may include, but is not limited to:

Email address
First name and last name
Phone number
Address, State, Province, ZIP/Postal code, City
Usage Data

Personal and Sensitive Information Collected Via Technology

While using the Service, We may automatically collect certain information that may include, but is not limited to:

Usage Data.
Device data, such as the type of Device You use, the Internet Protocol address of Your Device, Your Device’s operating system type and version, the type and version of Internet browser You use, Your unique Device identifiers, Your Device’s manufacturer and model, Your Device’s screen resolution, Your Device’s RAM and disk size, Your Device’s CPU usage, the type of Your Device (e.g., phone, tablet, or computer), Your Device’s language settings, Your Device’s mobile carrier, Your Device’s radio/network information (e.g., WiFi, LTE, 3G), general location information such as city, state, or geographic area, and other diagnostic data.
Online activity data, such as pages or screens You viewed, how long You spent on a page or screen, the time and date of Your visit, the website You visited before browsing to the Service, navigation paths between pages or screens, information about Your activity on a page or screen, access times, and duration of access.
Cookies, which are text files that websites store on a visitor’s Device to uniquely identify the visitor’s browser or to store information or settings in the browser for the purpose of helping You navigate between pages efficiently, remembering Your preferences, enabling functionality, and helping us understand user activity and patterns.
Local storage technologies, like HTML5 and Flash, that provide cookie-equivalent functionality but can store larger amounts of data, including on Your device outside of Your browser in connection with specific applications.
Web beacons, also known as pixel tags or clear GIFs, which are used to demonstrate that a webpage or email was accessed or opened, or that certain content was viewed or clicked.
Location Information. If You have enabled location services on Your phone and agree to the collection of Your location when prompted by the Services, we will collect Your location information when You use the Services; for example, to provide our fraud detection services. If You do not want us to collect this information, You may decline the collection of Your location when prompted or adjust the location services settings on Your device.

Use of Your Personal and Sensitive Information

CEFCU may use Your Personal and Sensitive Information collected through Your use of the Service for the following purposes:

To provide the financial services You request through the Service.
To provide and maintain the Service, including to monitor the usage of the Service.
To manage Your Account: to manage Your registration as a user of the Service. The Personal and Sensitive Information You provide can give You access to different functionalities of the Service that are available to You as a registered user.
To contact You: To contact You by email, telephone calls, SMS, or other equivalent forms of electronic communication, such as a mobile application's push notifications regarding updates or informative communications related to the functionalities, products or contracted services, including the security updates, when necessary or reasonable for their implementation.
To manage Your requests: To attend and manage Your requests to Us.
For other purposes: We may use Your Personal and Sensitive Information for other purposes, such as data analysis, identifying usage trends, determining the effectiveness of our promotional campaigns, and to evaluate and improve our Service, products, services, marketing, and Your experience.

Sharing Your Personal and Sensitive Information

We may share Your Personal and Sensitive Information in the following situations:

With Service Providers: We may share Your Personal and Sensitive Information with Service Providers to monitor and analyze the use of our Service, for payment processing, to contact You.
For business transfers: We may share or transfer Your Personal and Sensitive Information in connection with, or during negotiations of, any merger, sale of CEFCU assets, financing, or acquisition of all or a portion of Our business to another company.
With Affiliates: We may share Your Personal and Sensitive Information with Our affiliates, in which case we will require those affiliates to honor this Privacy Policy. Affiliates include Our parent company and any other subsidiaries, joint venture partners or other companies that We control or that are under common control with Us.
With business partners: We may share Your Personal and Sensitive Information with Our business partners to offer You certain products, services or promotions.
With other users: when You share Your Personal and Sensitive Information or otherwise interact in the public areas with other users, such information may be viewed by all users and may be publicly distributed outside.
With Your consent: We may disclose Your Personal and Sensitive Information for any other purpose with Your consent.

Service Providers, Affiliates, and Business Partners Privacy Protection

All third parties, including Service Providers, Affiliates, and business partners, who may have access to Your Personal and Sensitive Information provide the same or equal protection of such information as stated in this Privacy Policy and required by the App Store Review Guidelines.

Retention of Your Personal and Sensitive Information

CEFCU will retain Your Personal and Sensitive Information only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use Your Personal and Sensitive Information to the extent necessary to comply with our legal obligations (for example, if we are required to retain Your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.

CEFCU will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of the Service, or We are legally obligated to retain this data for longer time periods.

We will delete your Personal and Sensitive Information when We are no longer required to retain that information or, for California residents, if You request We delete that information in accordance with the requirements of and subject to the limitations of CEFCU’s Privacy Policy for California Residents.

Transfer of Your Personal and Sensitive Information

Your information, including Your Personal and Sensitive Information, is processed at CEFCU's operating offices and in any other places where the parties involved in the processing are located. It means that this information may be transferred to — and maintained on — computers located outside of Your state, province, Country or other governmental jurisdiction where the data protection laws may differ than those from Your jurisdiction.

Your consent to this Privacy Policy followed by Your submission of such information represents Your agreement to that transfer.

CEFCU will take all steps reasonably necessary to ensure that Your Personal and Sensitive Information is treated securely and in accordance with this Privacy Policy and no transfer of Your Personal and Sensitive Information will take place to an organization or a country unless there are adequate controls in place including the security of Your Personal and Sensitive Information.

Disclosure of Your Personal and Sensitive Information

Business Transactions

If CEFCU is involved in a merger, acquisition, or asset sale, Your Personal and Sensitive Information may be transferred. We will provide notice before Your Personal and Sensitive Information is transferred and becomes subject to a different Privacy Policy.

Law enforcement

Under certain circumstances, CEFCU may be required to disclose Your Personal and Sensitive Information if required to do so by law or in response to a valid summons, subpoena, or order by public authorities (e.g., a court or a government agency).

Other legal requirements

CEFCU may disclose Your Personal and Sensitive Information in the good faith belief that such action is necessary to:

Comply with a legal obligation
Protect and defend the rights or property of CEFCU
Prevent or investigate possible wrongdoing in connection with the Service
Protect the personal safety of users of the Service or the public
Protect You or Us against legal liability

Security of Your Personal and Sensitive Information

The security of Your Personal and Sensitive Information is important to Us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While We strive to use commercially acceptable means to protect Your Personal and Sensitive Information, We cannot guarantee its absolute security.

Detailed Information on the Processing of Your Personal and Sensitive Information

The Service Providers We use may have access to Your Personal and Sensitive Information. These third-party vendors collect, store, use, process, and transfer information about Your activity on Our Service in accordance with their Privacy Policies.

Analytics

We may use third-party Service providers to monitor and analyze the use of our Service.

Email Marketing

We may use Your Personal and Sensitive Information to contact You with newsletters, marketing or promotional materials and other information that may be of interest to You. You may opt-out of receiving any, or all, of these communications from Us by following the unsubscribe link or instructions provided in any email We send or by contacting Us.

Children's Privacy

The Service is not intended for use by anyone under the age of 13. We do not knowingly collect personally identifiable information from anyone under the age of 13. If You are a parent or guardian and You are aware that Your child has provided Us with Personal and Sensitive Information, please contact Us. If We become aware that We have collected Personal and Sensitive Information from anyone under the age of 13 without verification of parental consent, We take steps to remove that information from Our servers.

If We need to rely on consent as a legal basis for processing Your Personal and Sensitive Information and Your Country requires consent from a parent, We may require Your parent's consent before We collect and use that information.

Links to Other Websites

The Service may contain links to other websites that are not operated by Us. If You click on a third-party link, You will be directed to that third party's site. We strongly advise You to review the privacy policy of every site You visit.

We have no control over and assume no responsibility for the content, privacy policies or practices of any third-party sites or services.

California Residents Privacy Rights

California residents may have additional personal information rights and choices. If You are a California resident, California law may provide You with additional rights regarding our use of Your personal information. To learn more about Your California privacy rights, review Privacy Policy for California Residents.

California's "Shine the Light" law (Civil Code Section § 1798.83) permits users of our Application that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email to dirrera@cefcu.com or write us at: Citizens Equity First Credit Union, Compliance Department, P.O. Box 1715, Peoria, IL 61656-9989.

Changes to this Privacy Policy

We may update this Privacy Policy from time to time. We will notify You of any changes by posting the new Privacy Policy on this page.

We will let You know via email and/or a prominent notice on the Service, prior to the change becoming effective and update the "Last updated" date at the top of this Privacy Policy.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

Contact Us

If You have any questions about this Privacy Policy, You can contact us at:

Citizens Equity First Credit Union
Compliance Department
P.O. Box 1715
Peoria, IL 61656-9989

Free Checking

Dining. Travel. Fuel. Fun.

Protect Your Car

Privacy Policy