Privacy Policy
Facts
WHAT DOES US METRO BANK DO WITH YOUR PERSONAL INFORMATION?
Why?
Financial companies choose how they share your personal information. Federal law gives consumers the right to limit some but not all sharing. Federal law also requires us to tell you how we collect, share, and protect your personal information. Please read this notice carefully to understand what we do.
What?
The types of personal information we collect and share depend on the product or service you have with us. This information can include:
- Social Security number and Income
- Account balances and Overdraft history
- Credit history and Payment history
When you are no longer our customer, we continue to share your information as described in this notice.
How?
All financial companies need to share customers’ personal information to run their everyday business. In the section below, we list the reasons financial companies can share their customers’ personal information; the reasons US Metro Bank chooses to share; and whether you can limit this sharing.
Questions? Call 714-620-8888 or go to www.usmetrobank.com
Who we are
US Metro Bank
How does US Metro Bank protect my personal information?
To protect your personal information from unauthorized access and use, we use security measures that comply with federal law. These measures include computer safeguards and secured files and buildings.
We authorize our employees to get your information only when they need it to do their work. We require companies that work for us to protect your information.
How does US Metro Bank collect my personal information?
We collect your personal information, for example, when you
- Open an account or apply for a loan
- Make deposits or withdrawals
- Provide personal information such as government issued ID
We also collect your personal information from others, such as credit bureaus or other companies.
Why can't I limit all sharing?
Federal law gives you the right to limit only:
- sharing for affiliates’ everyday business purposes – information about your creditworthiness
- affiliates from using your information to market to you
- sharing for nonaffiliates to market to you
State laws and individual companies may give you additional rights to limit sharing.
Definitions
Affiliates
Companies related by common ownership or control. They can be financial and non-financial companies.
- US Metro Bank does not share with affiliates.
Nonaffiliates
Companies not related by common ownership or control. They can be financial and nonfinancial companies.
- US Metro Bank does not share with nonaffiliates so they can market to you.
Joint Meeting
A formal agreement between nonaffiliated financial companies that together market financial products or services to you.
- US Metro Bank does not engage in joint marketing.
Other Important Information
Information about California Consumer Privacy Act ("CCPA")
US METRO
BANK CALIFORNIA PRIVACY POLICY FOR CALIFORNIA RESIDENTS
Last Updated: December 28, 2022
INTRODUCTION
This Privacy Notice for California Residents (this “Notice”)
applies solely to residents of the State of California (“consumers” or “you”)
and supplements the information contained in any other Privacy Statement or
Notice provided by US Metro Bank (“Bank”, “our” or “we”). This Notice is
adopted to comply with the California Consumer Privacy Act of 2018 (“CCPA”) and
as amended, the California Privacy Rights Act of 2020 (collectively, “CPRA”).
This Notice describes how US Metro Bank collects, uses, and discloses
information that identifies, relates to, describes, is reasonably capable of
being associated with, or could reasonably be linked, directly or indirectly,
with you or your household (“personal information”). The information on this
page complements the notices and disclosures regarding your rights under
federal laws and regulations (e.g., the Gramm-Leach-Bliley Act). For more
information, please visit https://www.usmetrobank.com/privacy-policy/
Keeping Personal Information
secure is one of our most important priorities. Consistent with our obligations
under applicable laws and regulations, we maintain physical, technical,
electronic, procedural and organizational safeguards and security measures that
are designed to protect personal data against accidental, unlawful, or
unauthorized destruction, loss, alteration, disclosure, or access, whether it
is processed by us or elsewhere.
COLLECTION OF PERSONAL INFORMATION
We may collect, for our business purposes, certain personal
information to provide financial products and services, and for employment
purposes. In the past 12 months, we may have collected and disclosed:
|
Category |
Examples |
|
Personal Identifiers |
A real name, alias,
postal address, unique personal identifier, online identifier, Internet
Protocol address, email address, account name, Social Security number,
driver’s license number, passport number, state or government issued individual
license number or other similar identifiers. |
|
Personal Information
categories listed in the California Customer Records Statute (Cal. Civ. Code
§ 1798.80 (e)) |
A name, signature,
Social Security number, physical characteristics or description, address,
telephone number, passport number, driver’s license or state identification
card number, insurance policy number, education, employment, employment
history, bank account number, credit card number, debit card number, or any
other financial information, medical information, or health insurance
information |
|
Characteristics of Protected
Classes under California or Federal law |
Age, race, color,
ancestry, national origin, characteristics such as sex and marital status;
medical condition, physical or mental disability, sex (including gender,
gender identity, gender expression, pregnancy or childbirth and related
medical conditions), sexual orientation, veteran or military status, genetic
information (including familial genetic information). |
|
Commercial
Information |
Records of personal
property, products or services purchased, obtained, or considered, or other
purchasing or consuming histories or tendencies. |
|
Biometric
Information |
Genetic,
physiological, behavioral and biological characteristics, or activity
patterns used to extract a template or other identifier or identifying
information, such as, fingerprints, and voiceprints, iris, or retina scans,
keystroke, gait, or other physical patterns and sleep, health, or exercise
data. |
|
Internet or other
similar network activity |
Browsing history,
search history, information on a consumer’s interaction with a website,
application, or advertisement. |
|
Geolocation Information |
Physical location,
movements, device location, location based on IP address. |
|
Sensory Information |
Audio, electronic,
visual, thermal, olfactory, or similar information. |
|
Professional or
employment-related information |
Current or past job
history, prior employer or performance evaluations. |
|
Non-public education
information |
Education records
directly related to a student and maintained by an educational agency or
institution or by a party acting for the agency or institution. |
|
Inferences drawn
from other personal information |
Drawn from any of
the Personal Data listed above to create a profile about a California
resident reflecting their preferences, characteristics, psychological trends,
predispositions, behavior, and attitudes, intelligence, abilities, and
aptitudes. |
Sensitive Personal Information: We may also collected and disclosed any information in the following
categories that reveals
|
Sensitive Personal Information |
Any information in
the following categories that reveals |
|
–
A California
resident’s Social Security, driver’s license, state identification card, or
passport number |
|
|
–
A California
resident’s account log-in, financial account, debit card, or credit card
number in combination with any required security or access code, password, or
credentials allowing access to an account |
|
|
–
A California
resident’s precise geolocation |
|
|
–
The processing of
biometric information for the purpose of uniquely identifying a California
resident |
|
|
–
Personal Data
collected and analyzed concerning a California resident’s health. |
|
|
–
Data regarding
payments for health services |
|
|
–
Data relating to
criminal convictions and offenses |
SOURCE OF PERSONAL INFORMATION
The categories of sources from whom we collected this
Personal Information are:
·
Directly from a California resident or the
individual’s representatives through paper applications, telephone, or
electronic means.
·
Service Providers and other third parties to
provide products and services or process transactions requested by you, or
transfers of sales and assets.
·
Public Record Sources (Federal, State or Local
Government Sources)
·
Information from Corporate Clients about
individuals associated with the Clients (e.g., an employee or board member)
·
Outside companies we used to support Human
Resources and workforce management activities
USE OF PERSONAL INFORMATION
In the past 12 months, we have used Personal Information
relating to California residents to operate, manage, and maintain our business,
to provide our products and services, and to accomplish our business purposes
and objectives, including the following:
·
Performing services, including maintaining or
servicing accounts, providing customer service, processing or fulfilling orders
and transactions, verifying customer information, processing payments,
providing financing, providing advertising or marketing services, providing
analytic services, or providing similar services.
·
Detecting security incidents, protecting against
malicious, deceptive, fraudulent, or illegal activity, and prosecuting those
responsible for that activity.
·
Short-term, transient use where the information
is not disclosed to a third party and is not used to build a profile or
otherwise alter an individual consumer’s experience outside the current
interaction, including, but not limited to, the contextual customization of ads
shown as part of the same interaction.
·
Auditing related to a current interaction and
concurrent transactions, including, but not limited to, counting ad impressions
to unique visitors, verifying positioning and quality of ad impressions, and
auditing compliance with this specification and other standards.
·
Undertaking activities to verify or maintain the
quality or safety of a service controlled by us, and to improve, upgrade, or
enhance the service controlled by the business.
·
Debugging to identify and repair errors that
impair existing intended functionality.
·
Complying with laws and regulations and to comply
with other legal process and law enforcement requirements (including any
internal policy based on or reflecting legal or regulatory guidance, codes or
opinions)
SHARING or SELLING OF PERSONAL INFORMATION
In the past 12 months, we have
not “sold” Personal Information subject to the CCPA, including Personal
Information of minors under the age of 16. For purposes of this Disclosure,
“sold” means the disclosure of Personal Information to a third-party for
monetary or other valuable consideration.
We also have not share your personal information with third parties for
cross-context behavioral advertising
CATEGORIES OF THIRD PARTIES
The categories of third parties to whom we disclosed
Personal Information for our business purposes described in this privacy
disclosure are:
·
Vendors and Service Providers who provide
services such as information technology and related infrastructure, customer
service, email delivery, and auditing
·
Partners and Third Parties who provide services
such as payment, banking and communication infrastructure, storage, legal
expertise, tax expertise, notaries and auditors, who promote the bank and its
financial services and products to customers and other prospective buyers
·
Other Third Parties who enable customers to
conduct business online and via mobile devices
·
Government Agencies as required by laws and
regulations
·
Outside companies in connection with routine or
required reporting, including consumer reporting agencies
YOUR
RIGHTS
Right To Know
You have the right, subject to certain exceptions defined in
the CPRA and other applicable laws and regulations, to request that US Metro
Bank disclose certain information to you about our collection and use of your
personal information over the past 12 months. Once we receive and confirm your
verifiable consumer request, we will disclose to you:
·
The categories of personal information we
collected about you.
·
The categories of sources for the personal
information we collected about you.
·
The business or commercial purpose for
collecting, selling, or sharing the personal information.
·
The categories of third parties with whom we
disclose that personal information.
·
The categories of personal information that each
recipient received.
·
The specific pieces of personal information we
collected about you.
You have the right to receive
this information in a format, to the extent technically feasible, that is
portable, usable, and allows you to transmit the personal information to a
person without impediment, where the processing is carried out by automated
means.
Right to Request Deletion
You have the right, subject to
certain exceptions defined in the CPRA and other applicable laws and
regulations, to request that US Metro Bank delete any of your personal
information that we collected from you and retained. Once we receive and
confirm your verifiable consumer request we will delete (and direct the
recipients of your personal information to delete) your personal information
from our records.
Right to Correct Your
Personal Information
You have the right, subject to
certain exceptions defined in the CPRA and other applicable laws and
regulations, to submit a request to correct any inaccurate personal information
that we may have about you.
HOW TO EXERCISE YOUR RIGHT
You may only make a verifiable consumer request for access twice
within a 12-month period.
If you are a California resident, you may submit a request
by:
Emailing privacy@usmetrobank.com
Calling 714-620-8888
We cannot respond to your
request or provide you with personal information if we cannot verify your
identity or authority to make the request and confirm the personal information
relates to you. We will generally verify your identity by asking you to provide
personal information related to your recent interactions with us. Making a
verifiable consumer request does not require you to create an account with us.
We will only use personal information provided in a verifiable consumer request
to verify the requestor’s identity or authority to make the request.
Requests by Authorized Agents
You may exercise your privacy
rights through an authorized agent. If we receive your request from an
authorized agent, we may ask for evidence that you have provided such agent
with a power of attorney or that the agent otherwise has valid written
authority to submit requests to exercise rights on your behalf.
NONDISCRIMINATION
You have the right not to be
discriminated against for exercising any of your privacy rights. This includes
us not: (a) denying you goods or services; (b) charging you different prices or
rates for goods or services, including through the use of discounts or other
benefits or imposing penalties; (c) providing you a different level or quality
of goods or services; (d) suggesting to you that you will receive a different
price or rate for goods or services or a different level or quality of goods or
services; and (e) retaliating against you for exercising your privacy rights.
RESPONDING TO YOUR REQUEST
Privacy and data protection
laws, other than the CCPA, apply to much of the Personal Data that we collect,
use, and disclose. When these laws apply, Personal Data may be exempt from, or
outside the scope of, Access Requests and Deletion Requests. For example,
information subject to certain federal privacy laws, such as the
Gramm-Leach-Bliley Act or the Health Insurance Portability and Accountability,
is exempt from CCPA Requests. As a result, in some instances, we may decline
all or part of an Access Request or Deletion Request related to Personal Data
exempt from CCPA Requests. This means that we may not provide some or all of
this Personal Data when you make an Access Request. Also, we may not delete
some or all of this Personal Data when you make a Deletion Request.
QUESTIONS OR CONCERNS
You may contact us with questions or concerns about this
Disclosure and our practices by:
Writing us at:
US Metro Bank
Attn:
Compliance
9866 Garden
Grove Blvd.
Garden Grove, CA
92844
Calling us at 714-620-8888
CHANGES TO THIS CALIFORNIA CONSUMER PRIVACY ACT DISCLOSURE
We may change or update this Disclosure from time to time.
When we do, we will post the revised Disclosure on this page with a new “Last
Updated” date.
