Privacy Policy
Our Policy Regarding the Collection, Use and Disclosure of Your Information
A. Policy Statement

The Gramm-Leach-Bliley Act sets specific requirements for financial institutions to protect customer-member nonpublic personal information. It also required NCUA to issue regulations to implement its provisions. As a result, NCUA issued Part 716 of its Rules and Regulations entitled Privacy of Consumer Financial Information. This requires all federally insured credit unions to comply with NCUA’s Part 716 of its Rules and Regulations.

In compliance with Congress’ requirement that each financial institution has an affirmative and continuing obligation to respect the privacy of its customers/members and to protect the security and confidentiality of those customers/members’ nonpublic personal information, the Board of Directors of the Pennsylvania State Employees Credit Union (PSECU) has adopted the following Privacy Policy, which is further detailed in PSECU’s privacy notice (See Attachment A).

The Privacy Officer, who is the Corporate Compliance Officer, is responsible for the overall effectiveness of the Privacy program and works in conjunction with all PSECU staff to ensure compliance.

B. Goals:

The specific goals of the Privacy Act Policy are:

  • To provide internal controls for ongoing compliance.
  • To have a written board approved privacy policy.
  • To provide privacy notices to all members initially and annually.
  • To designate an individual who will be responsible for overall effectiveness to ensure compliance.
  • To determine if and what information is shared to any party not affiliated with the PSECU.
  • To provide an opportunity for members to “opt out” of information sharing.*
  • To provide initial training and ongoing training as needed.
  • To provide annual independent testing for compliance.

* PSECU does not share member nonpublic personal information; therefore an opt out option is not necessary.

C. Internal Controls:

The following internal controls are in place to ensure compliance with NCUA's Part 716 of its Rules and Regulations entitled Privacy of Consumer Financial Information.

  • PSECU has a written board approved policy. New members are provided a copy of PSECU's privacy notice.
  • Annual notices are provided with the July statements to all members, as well as being available on psecu.com See attachment A for a copy of PSECU's privacy notice.
  • PSECU designated the Corporate Compliance Officer as Privacy Officer, who is responsible for the overall effectiveness and PSECU's adherence to the Privacy Act.
  • All third party contracts are required to include a confidentiality clause, if any member nonpublic information is available to that third party.
  • All requests for member information are granted only by the member's written permission, court order, subpoena, or government enforcement authority.
  • PSECU's Staff Development sends a refresher on the Privacy Policy once a year to all employees.
D. On-going Monitoring
  • Corporate Compliance conducts annual compliance reviews on high profile regulations and risk sensitive compliance issues.
  • Risk Assessments are performed by Corporate Compliance on high profile regulations and risk sensitive compliance issues.
  • Member complaints are tracked, monitored, and responded to by Corporate Compliance.
  • Corporate Compliance monitors the current environment and advises management and PSECU's Security staff of potential breach or violation of our privacy initiatives.
E. Staff Training:

Part of the orientation for new hires includes Privacy and Security training, with a provision for requested follow-up training, to be provided by Corporate Compliance. Additionally, on an annual basis, all employees are provided training on the privacy law requirements including PSECU's Privacy Policy.

F. Independent Testing

Internal Audit Services (IAS) conducts an annual comprehensive compliance audit of PSECU's compliance to the Privacy laws and adherence to PSECU's Privacy Policy.

Attachment A: PSECU's Privacy Notice & Disclosure

PSECU's mission is "To continually strive to maintain a progressive and financially stable credit union that gives PSECU members control over their finances. To provide members with a variety of high quality traditional and innovative financial products and services, which are convenient, with superior pricing and available through self-service delivery channels."

PSECU uses the latest technology to deliver our products and services to all members, which often translates into use of the various technologies for service delivery. PSECU's primary delivery channel is the Internet. A logical concern arising from the rapidly changing world of technology and specifically the Internet is your right to conduct business with us in confidence and your right to maintain privacy over your financial matters.

We, the Board of Directors, want to assure our members that we share your concern. PSECU is committed not only to providing you with the most efficient services, but also to ensure that all business you conduct with us is held in the strictest confidence and that your transactions are safe and secure. PSECU is committed to continually earning the faith and trust you, our members, have placed with us. We value that faith and trust, and take it very seriously. Therefore, we submit to you our pledge of that commitment, through the adoption of our Privacy Policy.

PSECU's Privacy Policy and practices concern the personal information we collect and disclose about our members. It also includes information about third parties who may receive personal and sometimes nonpublic information from us as we conduct the business of the credit union. PSECU and its affiliates follow these practices; therefore, this notice will be applied to all.

PSECU will not sell and/or disclose any of your personal information to any mailing lists or to any merchants. We are in the business of serving our members and not marketing those lists to merchants. PSECU will not engage in the business of unsolicited e-mail (spam). However, we may use e-mail to communicate with you when necessary regarding new services or matters concerning your accounts with us, or news about the credit union.

In addition, the Board of Directors has adopted a Confidentiality of Member Information Policy. This policy is distributed to all staff. The policy basically states that any information disclosed to PSECU in the course of PSECU's business will be held in the strictest of confidence. Unauthorized or illegal disclosure of your private information is considered a policy violation and subjects the guilty party to discipline. Employees are reminded that their responsibility to maintain this privacy continues even after their employment ends.

We invite you to review our Privacy Policy and contact us with any questions you may have.

R. Brian Wilbur, Chair
Board of Directors

Gregory A. Smith, President

Our Policy Regarding the Collection, Use and Disclosure of Your Information

What Information We Collect...
We collect nonpublic personal information about you from the following sources:

  • Information we receive from you on applications and other forms.
  • Information about your transactions with our affiliates or us.
  • Information obtained when verifying the information you provide to us. This may be obtained from your current or past employers, or from other financial transactions, credit reporting agencies, and other sources.
  • We also collect information for non-member pre-approved mailings. This may be obtained from credit reporting agencies and other sources.
  • We may disclose all of the information we collect, as described by law.

What Information We Disclose...
We may disclose nonpublic personal information about you to the following types of third parties:

  • Financial service providers, such as insurance companies, mortgage service companies, and broker-dealers.
  • Non-financial companies , such as consumer reporting agencies, data processors, check printers, financial statement publishers, retailers, plastic card processors, and government agencies (with court orders/subpoenas/member written consent), or any third party with a valid court order, warrant or subpoena.

We share this information only to help us in providing services to members and as permitted or required by law. PSECU and its affiliates may also work closely to offer products and services to meet member needs. PSECU's affiliates are either wholly owned or controlled by PSECU. As a result, we may also share member nonpublic personal information with each other as permitted by law.

To Whom We Disclose Information...
In order for us to conduct the business of running the credit union, we may disclose all of the information we collect, as described above, to companies that perform marketing or other services on our behalf or to other financial institutions with whom we have joint marketing agreements so that we may continue to provide our member competitive products and services. We may also disclose nonpublic personal information about you under circumstances as permitted or required by law.

To protect our member's privacy, we only work with companies that agree in writing to maintain strong confidentiality protections and limit the use of the information we provide.

Disclosure of Information about Former Members...
If you terminate your membership with PSECU or its affiliates, we will not share information we have collected about you, except as permitted or required by law.

Confidentiality and Security of Your Information

Some of the measures PSECU established to protect your personal financial information are:

  • PSECU employees are governed by various policies that include the Code of Conduct, Confidentiality of Member Information policies and Information Security policies. These policies include the responsibility to protect the confidentiality of members' financial and other personal information. This prohibits your credit union Board and Staff from disclosing your personal financial information. This prohibition is in place even after the employment or board relationship is terminated or ends.
  • PSECU is subject to several examinations of our financials, records, policies and procedures. The Pennsylvania Department of Banking and the National Credit Union Administration (NCUA), both perform examinations. In addition we have an outside independent accounting firm conduct an annual audit. PSECU also maintains a professionally trained Internal Audit staff to provide ongoing monitoring of our system of control.
  • PSECU protects and secures both member and employee information at its facility by restricting access to sensitive areas. Electronic badges and PINs are required to gain access to the internal PSECU areas. Additionally, procedures and electronic monitoring are in place in the event of unusual activity, robbery, or fire. We continually evaluate our current physical security measures and monitor new technology as it develops.
  • PSECU has extensive computer system security controls. Our operational and data processing functions are in a secure environment that protects member information from being accessed inappropriately. Our employees have limited access to member information based on their job function. We maintain physical, electronic, and procedural safeguards. Employees are educated on implementing PSECU's policies and security principles and practices.
  • PSECU has sophisticated online banking and Internet security measures in place.
Fair Credit Reporting Act Disclosure

We currently do not share credit report information about our members with our affiliates or any other third party. The use of your credit report information is for internal use only such as determining credit or service approval, other services and employment.

Online Privacy

PSECU recognizes the importance of maintaining a presence on the World Wide Web for informational and e-commerce purposes in both attracting new members and retaining existing members. For the purpose of this statement, e-commerce is defined as the ability of members to access personal account information and general credit union information, to initiate transactions on your credit union accounts, and to apply for additional credit union products and services online, and to access credit union approved vendor sites to conduct credit union related business. Our privacy policy is the same whether you are online or not.

Visiting Us Online

We may gather information about which sites our visitors browse while they are on any PSECU owned site or affiliated site. This enables us to track how a visitor navigates through the site areas in which they show interest. We gather information such as number of hits to the site, page visits, and length of user sessions. This is similar to a traffic report: it tracks trends and behaviors of members/users in general, but does not identify individuals in particular. We use this information to better serve you and it helps keep our site relevant and useful.

Our Use of Cookies

Cookies are small text files assigned and attached by a Web server to the directory file on your PC. Cookies help Web sites recognize return visitors. So, when you return to a Web site that you have visited before, your browser gives this data back to the server. PSECU uses cookies to make your online experience easier and more personalized. As a matter of security, we do not embed your Social Security number, account numbers, password, or other personal information in our cookies.

Our Use of Banners and What They Are

A banner is an electronic advertisement that is attached to a Web site. Some are interactive and some just scroll. By interactive we mean that if you click on the banner you can be directed to another site. We allow banners on our website only from third parties that we approve. Sometimes, these ads or banners may contain small graphics with tags in them. These tags tell us how many people respond to those ads. They do not identify you personally. Instead these tags are used to measure the effectiveness of those ads. They also help us market our products and services to you.

Online Security

We will maintain industry standard security controls to ensure that member information stored in our files and on the computers are protected. Where appropriate, we will use security-coding techniques, like encryption, to protect against unauthorized access and the integrity of communications and transactions, and protect member confidentiality. PSECU uses 128-bit encryption technology, the strongest industry standard encryption available as of October 2007.

We also use firewalls to secure your information. A firewall is a security measure that insulates the credit union's computer network from the World Wide Web. PSECU analyzes traffic coming into and out of our firewalls, which would indicate hacking activity and other computer threats. We also regularly monitor our logs and scan our systems for known vulnerabilities. PSECU contracts with third party security specialists to regularly penetrate our network and to evaluate the security of our online banking application. PSECU has implemented layered security within psecu@home®. Layered security provides an additional means of authentication beyond traditional user names and passwords.  Further, PSECU's on-line presence is subject to regular reviews and tests by independent security providers.

Protecting Children's Online Privacy

PSECU does not knowingly collect, nor is our Web site designed or directed, to use personal information from children under the age of 13 without containing verifiable consent from their parents. We do offer a Planet M section on our Web site that children can access site games, information and access to other sites that are age-appropriate. Should a child whom we know to be under the age of 13 send personal information to us, we will only use that information to respond directly to that child, seek parental consent or provide parental notice.

Links We Have for Non-PSECU Sites

PSECU does have links on our Web site to other vendors and third parties. These links are added to give you opportunities to participate with that vendor or third party to take advantage of their services or products. We cannot guarantee how these third parties use or collect personably identifiable information about you. We urge you to review the privacy policies of each of the linked Web sites you visit. PSECU requires strict confidentiality from any vendors or third parties we associate with, but cannot control every aspect of their business.

How You Can Limit Us from Sharing Information

PSECU does not disclose nonpublic personal information about you to nonaffiliated third parties, except as previously noted. In the unlikely event that this policy would change, we will provide you an opportunity to “opt out.” This means that before we would release any information of a nonpublic, personal, financial nature to any nonaffiliated third party, you will have the chance to tell us not to release it. We will provide to you the exact means of opting out, which will be by writing us, phoning us or e-mailing us. You may opt out at anytime if the need would arise. The opt out by law will not apply to disclosures that are legally permitted or disclosures we make available to companies that perform services on our behalf or to other financial institutions that have joint marketing agreements with us.

Once we would receive your request, we will have a reasonable amount of time to stop the disclosures. You may always contact us for assistance if you wish to later revoke your opt-out election.

PSECU has an e-mail marketing service. PSECU will periodically send e-mails promoting our products and services, or those of our affiliates, to members for whom we have recorded e-mail addresses. All members who receive the marketing e-mails will have the opportunity to opt out of this service at any time by simply clicking the unsubscribe button. As always, all members can opt out by contacting us using the methods described in this policy.

What You as a Member Can Do to Help

PSECU is committed to protecting the privacy of our members. Members can help by following some simple suggestions:

  • Protect your account numbers, plastic card numbers, PINs and passwords. Never keep your PIN with your card.
  • Use caution when disclosing your account numbers, Social Security numbers, etc. to other persons. If you receive a telephone call from someone claiming to be from the credit union, and that unknown person asks for account numbers, or other identifying information, do not give that information.
  • PSECU staff will have access to your information and will not need to ask for it.
    Keep your information with us current. If your address or telephone number changes, please let us know promptly. It is important that we have current information as to how to reach you. If we detect potentially fraudulent or unauthorized activity or use of an account, we will attempt to contact you immediately.
  • After you complete your online session, log out of psecu.com before surfing other sites. It is suggested that you do not surf other sites during your online banking session. As this could allow a cookie to be attached and possibly compromise your information.
  • Review your account statements as soon as possible after receiving them. Contact us immediately regarding any discrepancies.
  • Let us know if you have any questions concerning this notice or your account or any services we provide. Please do not hesitate to contact us. We are here to serve you!

Revised: 10/09/2007

Home | Contact Us | Security | Privacy | Legal Copyright ©  PSECU. All rights reserved. PSECU is an Equal Opportunity Lender.