At Coastal Community Credit Union we are committed to protecting your privacy and safeguarding your personal and financial information. While the Internet is revolutionizing the way that we do with business—providing convenient access to financial services from your home or office — we also recognize that it may bring legitimate concerns about Privacy and Security.
This Privacy Statement describes how your personal information is collected, used and disclosed within our null Internet banking site. The null site is the area of our website that requires you to use your Member ID and Personal Access Code (PAC) to enter.
Please note that this statement does not refer to policies and practices of our public website. Please click here for more information on the privacy policies and practices of Coastal Community Credit Union and of our public website (the area of our website that does not require the use of your Member ID and Personal Access Code (PAC) to use).
To ensure that you are the only person accessing your personal information, we restrict access to the null site by requiring that you enter your Member ID and PAC to login. Only you know your PAC. Our employees do not have access to your PAC, and they will not ask you to reveal it. If someone does ask you to provide your PAC to them, we ask that you refuse to do so and contact us immediately.
By nature, our Internet banking site has many transactional functions such as transfers between accounts and bill payment functions. These transactions are all logged to ensure that your accounts are debited or credited appropriately, and a history of each transaction is available to verify your account. We store and use your transactional information in the same fashion as if you performed the transaction at a branch or any other service channel.
We may also use transactional information for servicing your account—for example, billing you for the particular transactions that you perform, or for the services that you use.
To create a secure channel between your browser and our server, we use 128-bit Secure Socket Layer (SSL) encryption, the highest level available. To learn more about 128-bit SSL encryption, and our security policies, please review our security information.
To provide you with a convenient method for applying for loans and mortgages, or for purchasing other financial services products such as Registered Savings Plans, we may provide secure online application forms. By nature, these forms capture personally identifiable information that we use to provide you with the products and services that you have requested. This information is processed in a fashion similar to that of application forms received through our other channels. The information contained in the application may be archived or stored, as governed by existing law or policy.
To continually improve our site, we often collect information about how our Members are using it. These usage statistics are only viewed in the aggregate—and are never tied to an individual.
We use this information for purposes such as improving the pages where our members are having difficulties, and ensuring that we have the appropriate infrastructure in place to service future needs.
The information collected may include your IP address, your browser type and your operating system, as well as data that is passively generated as you browse the site, such as the number and types of pages visited, and the length of time spent per page and on the site overall.
We also use a key web technology called cookies. A cookie is a small information token that sits on your computer. As you use the null site, cookies are passed back and forth between our server and your browser. While cookies can be used for a variety of reasons, we only use cookies where they are of benefit to our members.
Specifically, we use two kinds of cookies—session cookies and persistent cookies. A session cookie exists only for the length of your browsing session and is deleted when you close your browser. A persistent cookie is a cookie that stays on your computer after you close your browser. A persistent cookie may or may not expire on a given date.
We use a session cookie to maintain the integrity of your Internet banking session. With each page that you visit, the cookie is passed back and forth between our server and your browser. We use the cookie to distinguish your session from the many others that may be happening at the same time. Our session cookies never store any personal information, such as your name, or date of birth, or financial information, such as your accounts and balances.
Most recent browser versions allow the user to set some level of control over which cookies are accepted and how your browser uses them. Many browsers will allow you to accept cookies from only known, reliable sites that you select such as the null site. If you are concerned about cookies, we encourage you to upgrade your browser to a recent version and review the Help section of your browser to learn more about it's specific control features.
We use a persistent cookie to store information to help you personalize the null site and to make it easier to use. For example, we allow you to make the null login easier by remembering your Member ID and Branch within our Memorized Accounts feature. Since the Memorized Accounts feature is optional, this cookie only contains information that you have entered into it.
To ensure that someone cannot access your personal information, always exit the null site using the logout button located at the top of every page. When you exit using the logout button, we delete your session cookie so that your session cannot be resumed unless your Member ID and PAC are re-entered.
On the login screen, our Enhanced Security feature provides you even greater control over your Privacy.
When you click on the Enhanced Security checkbox, the null site will prevent your browser from caching (storing in the computer's memory) those pages that you have viewed. Should you click on the Back button to view a previous page during a session, the page will be recalled directly from our server. Therefore, when you logout, no one will be able to view your information by clicking on the Back button, or by viewing the browser's History.
Use this function if you are accessing your accounts from a publicly available computer such as in a library or airport. You may also want to consider using the feature if you are using a computer at work, or a friend's computer, to access your accounts.
Once again, it is important to remind you to always logout of the null site using the logout button.
In the event that you leave your computer without logging out, the null site has been designed to end your session automatically if our system detects that you haven't provided any instructions or used the browser buttons to navigate for several minutes. To restart the session, you will need to provide your PAC again.
To communicate with the Credit Union electronically, we strongly recommend that you use the Contact Us feature from the null site. While security and privacy risks cannot be guaranteed, this feature provides a secure channel by means of 128-bit encryption and SSL (Secure Sockets Layer) technology for sending us comments or questions. Our replies will then be securely routed back to you and will be filed under the Messages section within the null site.
When you use the Contact Us feature to send us your comments or questions, please provide us your email address, so we may use it to correspond with you on other items that are not confidential in nature.
We then store your email and our replies to you so that we can refer to them in future.
We will not provide your email address to anyone outside of the credit union. We may send to you, from time to time, email or other communications containing information about the Credit Union, our products or services, and other matters (including third-party products or services) that we think may be of interest to you. At any time you may ask us to stop sending you email and other information by contacting privacyofficer@cccu.ca. Also, each unsolicited email we send you will provide instructions on how to decline further unsolicited email. From time to time we may also send you email containing important information regarding the Web Site or your accounts. You may not opt out of receiving such email.
If you have asked us to provide you with information on a regular basis, you may ask us to remove you from our list at any time. We intend to include instructions to unsubscribe from the list in every mailing, and on the site where you originally subscribed to the list.
General email is not secure or confidential unless properly encrypted because it passes through many points on its route from you to us. If you are using general email to communicate with us, do not include personal or financial information (such as account numbers) within the email as we cannot guarantee its confidentiality on route to us. Please note that unlike the Contact Us function in the null service, the Feedback function in our public website uses general email functionality and is not secure.
Persons that use email for those purposes do so at their own risk, and the Credit Union, Affiliates and Providers will not be responsible or liable to you or any other person for any loss or damage resulting from: (a) your use of email to communicate with the Credit Union or the Affiliates and Providers; or (b) the use of email by the Credit Union, Affiliates and Providers to communicate with you or other persons at your request.
In providing our complete Internet banking service, we often use external service partners and suppliers to assist us. In performing their duties, these service partners may handle components of your personal information on our behalf. We ensure through our contracts with these partners that they handle your information with the same standard of care that you have come to expect from us. Our suppliers, like our employees, are bound to maintain your confidentiality and may not use the information for unauthorized purposes.
Some of our partners require that you first register with their service to permit us to tie their functionality into the null site. Registration for these external services will always be at your discretion. We may append personally identifiable data to this registration for the Partner to use to compare and validate the registration. You will always be notified of such an action during the registration process.
The null site may also contain links to other websites or Internet resources. As an example, from time-to-time we may provide links to Microsoft or Netscape to assist you in upgrading your Internet browser. However, Credit Union Central of BC has no responsibility or liability for or control over these other websites or Internet resources or their collection, use and disclosure of your personal information. Always review the Privacy Statements of the sites that you are viewing.
To help automate the process of reviewing this Privacy Statement against your personal privacy preferences, we have also enclosed a machine-readable version of this Statement—called a P3P File—on the null site. P3P stands for Platform for Privacy Preferences and is a standard created by the World Wide Web Consortium—a leading Internet standards body. Some Internet browsers such as Microsoft Internet Explorer 6 and Netscape 7 use this P3P File to compare the items outlined in this written policy against a user's preferences. For more information on the P3P standard, we encourage you to visit the P3P site at www.w3.org/p3p.
We welcome any questions or concerns about our null Privacy Statement, or the practices of this site. Please contact us by email, or in writing at the following address:
The Privacy Officer
Coastal Community Credit Union
21 - 13 Victoria Cr.
Nanaimo, BC
V9R 5B9
privacyofficer@cccu.ca
As we continue to expand our online banking service to serve you better, and as new Internet technologies become available, we may need to amend this Privacy Statement at anytime, with our without notice to reflect changes in functionality and practice. Please check this Privacy Statement regularly for changes.