Effective Date: July 11, 2023
At Summit Community Bank (“We”, “Us”, or “Our”), we understand the importance of protecting your customer information. We believe that protecting your privacy is an integral part of the customer service we provide you. This policy statement describes our online privacy practices, covering the online collection, use, and disclosure of information we collect from visitors to our website.
Changes to this Online Policy
From time to time, we may make changes to this Policy to accommodate new technologies, platforms, industry practices, regulatory requirements, or for other purposes. We encourage you to review this Policy periodically to ensure that you understand how we collect, use, and share information through the Website or Mobile App. If we do make changes to this Notice, we will also update the "Effective Date" posted at the top of this Notice.
Any changes to this Notice will become effective when the revised Notice is posted on the Website. By continuing to use the Website or Mobile App following such changes, you are agreeing to accept the terms of the revised Notice.
Mobile Banking Privacy Information
Customers have the option of downloading the Summit Community Bank Mobile Banking application (“app”) from the Apple® App Store or Google® Play Store to conduct mobile banking activities. Information collected through the Summit Mobile app includes banking transaction information and information about your mobile activity, such as when the app is opened or exited, and which pages within the app are visited. When you use the App, we collect personal information from:
- You directly when you provide it (e.g., when you enroll in the App, you provide your information to us).
- Your device (e.g., your mobile device shares your Unique Device ID and name of your device when you use the App).
- Financial Institutions or other partners (e.g., when you receive money from one of their customers, they share information with us about the transaction);and
- Our service providers (e.g., we use service providers to help us verify your identity when you enroll in the App).
We may also share personal information with other Zelle® users (e.g., When another user sends you a payment, we may share your name (from your Zelle® profile) and profile picture (if you have one) with the other user to ensure the other user intends to send a payment to you. We do not share your bank account information/debit card information with other Zelle® users.
Mobile and Online Permission Types
(1) Access to external storage - This permission will allow you to send attachments with a Secure Message.
(2) Camera - This permission allows you to use our Mobile Deposit feature to remotely deposit a check using the camera on your mobile device.
(3) Contacts - This permission allows you to import your Contacts to make sending money with Zelle® even easier.
- When using the Zelle® feature within our mobile banking application, if you give permission to Zelle® to import your contacts, the contact list information may include the name, email address, and phone number of the recipient or other suggested contacts on your device. Contact list information is used to help you quickly select trusted contacts to make Zelle® payments. Recipient contact information is used to provide you with a list of transaction history activity within Zelle® which may include the amount of the transaction and the transaction date. Summit does not share or sell this transaction history or contact list information.
(4) Location - This permission is used when using the Location feature to search for branches and ATMs near you.
Information We Collect
We may collect non-identifying information from visitors to our website. However, visitors to our website remain anonymous. We do not collect identifying information about visitors to our site. We may use standard software to collect non-identifying information about our visitors, such as:
(1) Date and time our site was accessed
(2) The IP address (A numeric address given to servers connected to the Internet)
(3) Web browser used
(4) City, state, and country
We collect non-identifying information for a variety of purposes. We use this information to create summary statistics and to determine the level of interest in information available on our site. Visitors may elect to provide us with personal information via E-mail, online registration forms, or our guest book.
How We Use Information We Collect
This information is used internally, as appropriate, to handle the sender's request. It is not disseminated or sold to other organizations. However, the information we collect from visitors to our website may be released to third parties, shared and/or used to protect against or investigate fraud, if required by law and/or to establish or exercise our legal rights or defend against claims.
Children's Online Privacy Protection Act Information
This website is not directed at children. We do not market to children, nor do we knowingly collect or retain personally identifiable information from children.
Technology We Use on Our Website
This Internet Banking System brings together a combination of industry-approved security technologies to protect data for us and for you, our customer. It features password-controlled system entry, a Digital ID for Summit Community Bank's server issued by VeriSign, the experts in digital identification certificates, Secure Sockets Layer (SSL) protocol for data encryption, and a router loaded with a firewall to regulate the inflow and outflow of server traffic.
Secure Access and Verifying User Authenticity
To begin a session with our server the user must key in a Log-in ID and a password. Our system, the Internet Banking System, uses a "3 strikes and you're out" lock-out mechanism to deter users from repeated login attempts. After three unsuccessful login attempts, the system locks the user out, requiring either a designated wait period or a phone call to us to verify the password before
re-entry into the system. Upon successful login, the Digital ID from VeriSign authenticates the user's identity and establishes a secure session with that visitor.
Secure Data Transfer
Once the server session is established, the user and the server are in a secured environment. Because the server has been certified as a 128-bit secure server by VeriSign, data traveling between the user and the server is encrypted with Secure Sockets Layer (SSL) protocol. With SSL, data that travels between us and the customer is encrypted and can only be decrypted with the public and private key pair. In short, our server issues a public key to the end user's browser and creates a temporary private key. These two keys are the only combination possible for that session. When the session is complete, the keys expire and the whole process starts over when a new end user makes a server session.
Router and Firewall
Requests must filter through a router and firewall before they are permitted to reach the server. A router, a piece of hardware, works in conjunction with the firewall, a piece of software, to block and direct traffic coming to the server. The configuration begins by disallowing ALL traffic and then opens holes only when necessary to process acceptable data requests, such as retrieving web pages or sending customer requests to us.
Using the above technologies, your Internet banking transactions are secure.