Si has sido afectado por los incendios y necesitas apoyo o quieres ayudar, visita RizeCU.com/LAstrong.

Política de privacidad

FactsWhat do we do with your personal information?
Why?Financial companies choose how they share your personal information. Federal law gives consumers the right to limit some but not all sharing. Federal law also requires us to tell you how we collect, share, and protect your personal information. Please read this notice carefully to understand how we handle user privacy.
What?The types of personal information we collect and share depend on the products or services you have with us. This information can include your Social Security number and income, account balances and payment history, and credit history and credit scores. When you are no longer our customer, we continue to share your information as described in this notice.
How?All financial companies need to share members’ personal information to run their everyday business. In the section below, we list the reasons financial companies can share their members’ personal information; the reasons RizeCU chooses to share; and whether you can limit this sharing.
Reasons we can share your personal informationDoes RizeCU Share?Can you limit this sharing?
For our everyday business purposes – such as to process your transactions, maintain your account(s), respond to court orders and legal investigations, or report to credit bureausNo
For our marketing purposes – to offer our products and services to youNo
For joint marketing with other financial companiesNoNo
For our affiliates’ everyday business purposes – information about your transactions and experiencesNo
For our affiliates’ everyday business purposes – information about your creditworthinessNoNo
For our affiliates to market to youNoNo
For nonaffiliates to market to youNoNo
What we do
How does RizeCU protect my personal information?To protect your personal information from unauthorized access and use, we use security measures that comply with federal law. The measures include computer safeguards and secured files and buildings.
How does RizeCU collect my personal information?We collect your personal information, for example, when you open an account or deposit money, pay your bills or apply for a loan, and use your credit or debit card. We also collect your personal information from others, such as credit bureaus, affiliates, or other companies.
Why can’t I limit all sharing?Federal law gives you the right to limit only sharing for affiliates’ everyday business purposes – information about your creditworthiness, affiliates from using your information to market to you, sharing for nonaffiliates to market to you, and State laws and individual companies may give you additional rights to limit sharing.
Definitions
AffiliatesCompanies related by common ownership or control. They can be financial and nonfinancial companies. RizeCU’s affiliates include financial companies such as Community Mortgage Funding and Member Advantage Insurance Services.
NonaffiliatesCompanies not related by common ownership or control. They can be financial and nonfinancial companies. RizeCU does not share with nonaffiliates so they can market to you.
Joint marketingA formal agreement between nonaffiliated financial companies that together market financial products or services to you. RizeCU does not jointly market.

California Consumer Privacy Act

Effective June 2023

Your rights under the CCPA as amended by the California Privacy Rights Act of 2020

If you are a California resident, you have the following rights under the CCPA:

  1. The right to know what personal information we have collected about you, including:
    1. The categories of personal information we have collected;
    2. The categories of sources from which the personal information is collected;
    3. The business or commercial purpose(s) for collecting, selling, or sharing your personal information; and
    4. The specific pieces of personal information we have collected about you;
  2. The right to delete personal information we have collected from you, subject to some exceptions;
  3. The right to correct the inaccurate personal information we maintain about you;
  4. If we sell or share your personal information with third parties, the right to opt-out of the sale or sharing of your personal information by the Credit Union;
  5. If we use or disclose your sensitive personal information other than for reasons set forth in Section 7027(m) of the Regulations implementing the CCPA, you have the right to limit our use or disclosure of your sensitive personal information and
  6. The right not to receive discriminatory treatment by the Credit Union for the exercise of privacy rights conferred by the CCPA, including an employee’s, applicant’s, or independent contractor’s right not to be retaliated against for the exercise of their CCPA rights.

However, as a financial institution, the CCPA is not applicable if the information we collect, share, or sell is subject to the federal Gramm-Leach-Bliley Act and its implementing regulations and/or the California Financial Information Privacy Act. Generally speaking, this means we are not required to comply with the CCPA if the information we collected is information that:

  1. You provided to us to obtain a product or service from the Credit Union;
  2. We collected about you resulting from any transaction involving a product or service between you and the Credit Union; or
  3. The Credit Union otherwise obtained about you in connection with providing a product or service to you.

Nevertheless, the Credit Union takes the privacy and security of your personal information seriously and, even though the CCPA may not be applicable to us in most cases, we will honor your rights described in this CCPA Privacy Policy except in the event of a conflict with applicable state or federal law, another exception to the CCPA applies, or complying with your request would be impossible or require disproportionate effort.

The categories of personal information we have collected about California consumers in the preceding 12 months

CategoryExamplesCollected?
1IdentifiesA real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, or other similar identifiers
2Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e))A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories.
3Protected classification characteristics under California or federal lawAge (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).
4Commercial informationRecords of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
5Biometric informationGenetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.
6Internet or other similar network activityBrowsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.
7Geolocation dataPhysical location or movements.
8Sensory dataAudio, electronic, visual, thermal, olfactory, or similar information.
9Professional or employment-related informationCurrent or past job history or performance evaluations.
10Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99))Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.No
11Inferences drawn from other personal informationProfile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.No

The categories of sources from which we collect personal information about California consumers

We obtain the categories of personal information listed in the Table above from the following categories of sources:

  • Directly from you. For example, from forms you complete, when you apply for membership, perform transactions, or when you purchase products or services.
  • Indirectly from you. For example, from observing your actions on our Website and your use of applications on your mobile device (such as when and how you have connected to our Website, and your device and/or browser may automatically disclose information such as device type, operating system, browser type, IP address, Internet service provider, pages you visit before and after visiting our Website, the date and time of your visit, information about the links you click and pages you view on our Website, other standard server log information, and we may also collect your mobile device’s GPS signal or other information about nearby Wi-Fi access points and cell towers), when you use your debit or credit card, when you make deposits or withdrawals to/from your accounts, or when you pay your bills.
  • From third parties. We also receive information from third parties, such as credit reporting agencies, government agencies, law enforcement authorities, or service providers. 

The specific business or commercial purposes for which we collect personal information about California consumers

  • To fulfill or meet the reason the consumer provided the information. For example, if you share your name and contact information with us to request a rate quote, to ask a question about our products or services, or to process a transaction, we will use that personal information to respond to your request or question and to process your transactions, accordingly. We may also save your information to facilitate new transactions in the future. We also use your information for customer service and collections purposes and for ongoing account maintenance purposes, such as providing account statements, providing access to online banking, and providing account notifications.
  • To provide, support, personalize, and develop our Website, products, and services.
  • To offer products and/or services we believe may be of interest.
  • To create, maintain, customize, and secure accounts with us.
  • To process requests, purchases, transactions, and payments, and to prevent transactional fraud.
  • To provide support and to respond to inquiries, including to investigate and address concerns and monitor and improve our responses.
  • To personalize Website experiences and to deliver content and product and service offerings relevant to consumer’s interests, including targeted offers and ads through our Website, third-party sites, and via email or text message (with consent, where required by law).
  • To help maintain the safety, security, and integrity of our Website, our products and services, our databases and other technology assets, and the Credit Union.
  • To prevent fraud by monitoring activity to detect, investigate, and prevent potentially fraudulent transactions and other illegal activities, as well as to protect the rights and property of the Credit Union and our members.
  • For testing, research, analysis, and product development, including to develop and improve our Website, products, and services.
  • To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
  • As described when we collect personal information or as otherwise set forth in the CCPA.
  • For our business purposes, such as to evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of a liquidation or similar proceeding, in which personal information held by us about our members and Website users/consumers is among the assets transferred.
  • To support our operations and to comply with applicable legal or regulatory requirements.
  • To communicate with consumers via any means (including email, telephone, text message, or in person) about products, services, and events offered by the Credit Union and others, as well as to provide news and information we think will be of interest.
  • To respond to consumers’ comments, questions, and customer service requests, as well as to send members support notices, updates, security alerts, and administrative messages (such as changes to our terms, conditions, and policies).
  • To monitor and analyze trends, usage, and activities in connection with our products and services.
  • To audit the quality and efficacy of our work for compliance, controls, and other risk management.
  • To improve our products and services by identifying issues with existing products and services, enhancing existing products and services, and creating new products and services.

We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing notice.

The categories of personal information, if any, we have sold or shared to third parties in the preceding 12 months

Please note the CCPA defines “selling” and “sharing” personal information differently than you might expect. Under the CCPA, (1) “selling” and “sharing” personal information means selling or sharing personal information to a “third party” and (2) the term “third party” does not include our service providers or contractors when we have a written contract in place with such service providers or contractors that meet certain requirements set forth in the CCPA. This means our service providers and contractors are not considered “third parties” for CCPA purposes.

With the above in mind, we have not sold or shared consumers’ personal information with third parties (other than our service providers or contractors) in the previous 12 months. 

The categories of personal information, if any, we have disclosed for business purposes to third parties in the preceding 12 months

We have not disclosed consumer’s personal information to third parties (other than our service providers or contractors) for a business purpose in the preceding 12 months.

Additional CCPA required disclosures we are required to make available to you under the CCPA

We have no actual knowledge that we sell or share the personal information of consumers under 16 years of age. The Credit Union does not use or disclose sensitive personal information for purposes other than specified in Section 7027(m) of the CCPA Regulations.

The role of cookies and other online tracking technologies

We, or our service providers, and other companies we work with may deploy and use cookies, web beacons, local shared objects and other tracking technologies for various purposes, such as fraud prevention and to promote our products and services to you. Some of these tracking tools may detect characteristics or settings of the specific device you use to access our online services.

Clear GIFs, pixel tags or web beacons – which are typically one-pixel, transparent images located on a webpage or in an email or other message – or similar technologies may be used on our sites and in some of our digital communications (such as email or other marketing messages). They may also be used when served advertisements, or you otherwise interact with advertisements outside of our online services. These are principally used to help recognize users, assess traffic patterns and measure engagement.

“First party” cookies are stored by the domain (website) you are visiting directly. They allow the website’s owner to collect analytics data, remember language settings, and perform useful functions that help provide a good experience. “Third-party” cookies are created by domains other than the one you are visiting directly, hence the name third-party. They may be used for cross-site tracking, retargeting and ad-serving. We also believe cookies fall into the following general categories:

  • Essential Cookies: These cookies are technically necessary to provide Website functionality. They are a Website’s basic form of memory, used to store the preferences selected by a user on a given site. As the name implies, they are essential to a Website’s functionality and cannot be disabled by users. For example, an essential cookie may be used to prevent users from having to log in each time they visit a new page in the same session.
  • Performance and Function Cookies: These cookies are used to enhance the performance and functionality of a Website, but are not essential to its use. However, without these cookies, certain functions (like videos) may become unavailable.
  • Analytics and Customization Cookies: Analytics and customization cookies track user activity, so Website owners can better understand how their site is being accessed and used.
  • Advertising Cookies: Advertising cookies are used to customize a user’s ad experience on a Website. Using the data collected from these cookies, Websites can prevent the same ad from appearing again and again, remember user ad preferences, and tailor which ads appear based on a user’s online activities.

An explanation of how you can exercise your rights and what to expect from the process

How to submit a request:

You can exercise your rights under the CCPA by completing one of the following actions:

For all requests, you must provide the following Information:

To submit a request to know the information we have collected about you, to request we delete information we have about you, or to request we correct information we have you believe is inaccurate, you must provide the following information to us:

  • Your full name
  • Any alias or other name you may have used with us;
  • Your address;
  • How you have interacted with us (i.e., as a member or if you are not a member, explain how you interacted with us);
  • Any other information you feel will help us identify any records we have collected about you.

Please also see the sections below for additional information.

Requests to know:
If you wish to submit a request to know the information we have collected about you, you may request we tell you:

  • The categories of personal information we have collected;
  • The categories of sources from which the personal information is collected;
  • The business or commercial purpose(s) for collecting, selling, or sharing your personal information;
  • If applicable, the categories of third parties with whom we share personal information;
  • If applicable, the categories of personal information  we sold, and for each category identified, the categories of third parties to whom we sold that particular category of personal information; and
  • If applicable, the categories of personal information we disclosed for a business purpose, and for each category identified, the categories of third parties to whom it disclosed that particular category of personal information.

In response to a request to know, we will provide all the personal information we have collected and maintain about you on or after January 1, 2022, including beyond the 12-month period preceding our receipt of the request, unless doing so proves impossible or would involve disproportionate effort, or you request data for a specific time period. The information we provide will include any personal information our service providers or contractors collected pursuant to their written contract with us. If we claim that providing personal information beyond the 12-month period would be impossible or would involve disproportionate effort, we will provide you with a detailed explanation that includes enough facts to give you a meaningful understanding as to why we cannot provide personal information beyond the 12-month period. We will not simply state it is impossible or would require disproportionate effort.

If you want us to disclose the specific pieces of personal information we have collected about you, you must specify you want to know this information at the time you submit your request. For requests that seek the disclosure of specific pieces of information, if we cannot verify your identity, we will not disclose any specific pieces of personal information to you and we will inform you we cannot verify your identity. If the request is denied in whole or in part, we will also evaluate your request as if it is seeking the disclosure of categories of personal information about you.

For requests that seek the disclosure of categories of personal information about you, if we cannot verify your identity, we may deny the request and we will inform you we cannot verify your identity. If the request is denied in whole or in part, we will provide or direct you to our general business Information Practices regarding the collection, maintenance, and sale of personal information set forth in our privacy policy.

We are not required to search for personal information if all of the following conditions are met:

  1. We do not maintain the personal information in a searchable or reasonably accessible format;
  2. We maintain the personal information solely for legal or compliance purposes;
  3. We do not sell the personal information and do not use it for any commercial purpose; and
  4. We describe to you the categories of records that may contain personal information we did not search because we meet the conditions stated above.

We will not disclose in response to a request to know your Social Security number, driver’s license number or other government-issued identification number, financial account number, any health insurance or medical identification number, an account password, security questions and answers, or unique biometric data generated from measurements or technical analysis of human characteristics. We will, however, inform you with sufficient particularity we have collected the type of information. For example, we may respond that we collect “unique biometric data including a fingerprint scan” without disclosing the actual fingerprint scan data.

If we deny your verified request to know specific pieces of personal information, in whole or in part, because of a conflict with federal or state law, or an exception to the CCPA, we will inform you and explain the basis for the denial, unless prohibited from doing so by law. If the request is denied only in part, we will disclose the other information you requested.

We will use reasonable security measures when transmitting personal information to you.

Requests to delete:
In addition to the general information, you must provide in connection with your request (see “For all requests, you must provide the following information” above), to request information be deleted, you must identify the information you would like us to delete.

If we cannot verify your identity, we may deny the request to delete. We will inform you that your identity cannot be verified.

As set forth in the CCPA regulations, we will comply with a verified request to delete your personal information by:

  1. Permanently and completely erasing the personal information on from our existing systems with the exception of archived or back-up systems, deidentifying the personal information, or aggregating your information;
  2. Notifying our service providers or contractors to delete your personal information from their records which they collected pursuant to their written contract with us, or if enabled to do so by the service provider or contractor, we will delete the personal information the service provider or contractor collected pursuant to their written contract with us; and
  3. Notifying all third parties to whom we have sold or shared the personal information (if applicable) to delete your personal information unless this proves impossible or involves disproportionate effort.

If we, a service provider, or a contractor stores any personal information on archived or backup systems, we/it may delay compliance with your request to delete, with respect to data stored on the archived or backup system, until the archived or backup system relating to that data is restored to an active system or is next accessed or used for a sale, disclosure, or commercial purpose.

In responding to a request to delete, we will inform you whether or not we have complied with your request. We will maintain a record of the request as required by regulation. We, our service providers, contractors, or third parties may retain a record of the request for the purpose of ensuring your personal information remains deleted.

In cases where we deny your request to delete in whole or in part, we will do all of the following:

  1. Provide you with a detailed explanation of the basis for the denial, including any conflict with federal or state law, or exception to the CCPA, or factual basis for contending compliance would be impossible or involve disproportionate effort, unless prohibited from doing so by law;
  2. Delete your personal information that is not subject to the exception;
  3. Not use your personal information retained for any other purpose than provided for by that exception; and
  4. Instruct our service providers and contractors to delete your personal information that is not subject to the exception and to not use your personal information retained for any purpose other than the purpose provided for by that exception.

In responding to a request to delete, we may present you with the choice to delete select portions of your personal information as long as a single option to delete all personal information is also offered and more prominently presented than the other choices. If we provide California consumers the ability to delete select categories of personal information (e.g., purchase history, browsing history, voice recordings) in other contexts, however, we must inform you of your ability to do so and direct you how you can do so. 

Requests to correct:
In addition to the general information, you must provide in connection with your request (see “For all requests, you must provide the following information” above), to request information be corrected, you must identify the information you would like us to correct.

If we cannot verify your identity, we may deny the request to correct. We will inform you your identity cannot be verified.

In determining the accuracy of the personal information is the subject of your request to correct, we will consider the totality of the circumstances relating to the contested personal information. We may deny your request to correct if we determine the contested personal information is more likely than not accurate based on the totality of the circumstances. Considering the totality of the circumstances includes, but is not limited to, considering:

  1. The nature of the personal information (e.g., whether it is objective, subjective, unstructured, sensitive, etc.);
  2. How we obtained the contested information; and
  3. Documentation relating to the accuracy of the information, whether provided by you, available to us, or obtained via another source.

If we are not the source of the personal information and we have no documentation to support the accuracy of the information, your assertion of inaccuracy may be sufficient to establish the personal information is inaccurate.

If we comply with your request to correct, we will correct the personal information at issue on our existing systems and implement measures to ensure the information remains corrected. We will also instruct our service providers and contractors that maintain the personal information at issue pursuant to their written contract with us to make the necessary corrections in their respective systems. Service providers and contractors must comply with our instructions to correct the personal information or enable us to make the corrections and must also ensure the information remains corrected.

If we, a service provider, or a contractor store any personal information that is the subject of your request to correct on archived or backup systems, we/it may delay compliance with your request to correct, with respect to data stored on the archived or backup system, until the archived or backup system relating to that data is restored to an active system or is next accessed or used.

We will accept, review, and consider any documentation you provide in connection with your request to correct whether provided voluntarily or as required by us. You should make a good-faith effort to provide us with all necessary information available at the time of your request.

We may require you to provide documentation if necessary to rebut our own documentation that the personal information is accurate. In determining the necessity of the documentation requested, we will consider the following:

  1. The nature of the personal information at issue (e.g., whether it is objective, subjective, unstructured, sensitive, etc.).
  2. The nature of the documentation upon which we consider the personal information to be accurate (e.g., whether the documentation is from a trusted source, whether the documentation is verifiable, etc.)
  3. The purpose for which we collect, maintain, or use the personal information. For example, if the personal information is essential to the functioning of the Credit Union, we may require more documentation.
  4. The impact on you. For example, if the personal information has a negative impact on you, we may require less documentation.

Any documentation provided by you in connection with your request to correct shall only be used and/or maintained by us for the purpose of correcting your personal information and to comply with the record-keeping obligations under the CCPA regulations.

We will implement and maintain reasonable security procedures and practices in maintaining any documentation relating to your request to correct.

We may delete the contested personal information as an alternative to correcting the information if the deletion of the personal information does not negatively impact you, or if you consent to the deletion. For example, if deleting instead of correcting inaccurate personal information would make it harder for you to obtain a job, housing, credit, education, or other type of opportunity, we will process the request to correct or obtain your consent to delete the information.

In responding to a request to correct, we will inform you whether or not we have complied with your request. If we deny your request to correct in whole or in part, we will do the following:

  1. Explain the basis for the denial, including any conflict with federal or state law, exception to the CCPA, inadequacy in the required documentation, or contention that compliance proves impossible or involves disproportionate effort.
  2. If we claim complying with your request to correct would be impossible or would involve disproportionate effort, we will provide you with a detailed explanation that includes enough facts to give you a meaningful understanding as to why we cannot comply with the request. We will not simply state it is impossible or would require disproportionate effort.
  3. If we deny your request to correct personal information collected and analyzed concerning your health, you may provide a written statement to us to be made part of your record per Civil Code section 1798.185, subdivision (a)(8)(D). The written statement is limited to 250 words per alleged inaccurate piece of personal information and you must request the statement be made part of your record. Upon receipt of such a statement, we will include it with your record and make it available to any person with whom we disclose, share, or sell the personal information that is the subject of the request to correct.

If the personal information at issue can be deleted pursuant to a request to delete, you can make a request to delete the personal information. See “How to submit a request,” “For all requests, you must provide the following information”,” and “Requests to delete” above.   

We may deny your request to correct if we have denied your request to correct the same alleged inaccuracy within the past six months of receiving the request. However, we must treat the request to correct as new if you provide new or additional documentation to prove the information at issue is inaccurate.

We may deny a request to correct if we have a good-faith, reasonable, and documented belief a request to correct is fraudulent or abusive. We will inform you we will not comply with the request and will provide an explanation why we believe the request is fraudulent or abusive.

Where we are not the source of the information you contend is inaccurate, in addition to processing your request, we may, but we are not required to, provide you with the name of the source from which we received the alleged inaccurate information.

Upon request, we will disclose all the specific pieces of personal information we maintain and have collected about you to allow you to confirm we have corrected the inaccurate information that was the subject of your request to correct. This disclosure will not be considered a response to a request to know that is counted towards the limitation of two requests within a 12-month period as set forth in Civil Code section 1798.130, subdivision (b). With regard to a correction to your Social Security number, driver’s license number or other government-issued identification number, financial account number, any health insurance or medical identification number, an account password, security questions and answers, or unique biometric data generated from measurements or technical analysis of human characteristics, we will not disclose this information, but we may provide a way to confirm the personal information we maintain is the same as what you have provided.

The following is a general description of the process we use to verify your identity when submitting a request to know, a request to delete, or a request to correct:

By law and regulation, we are required to positively verify your identity prior to responding to your requests.

  • You will need to provide a valid identification card (i.e., a state-issued driver’s license, ID card, or US or other government-issued passport) plus the address portion of a utility bill, bank, investment, or credit card statement (number redacted) that contains the name and address that matches your ID and information request.
  • If making a request by phone, we may require you to answer specific questions based on information we have or can obtain about you or we may ask you to otherwise verify your identity.
  • If you are requesting to know specific pieces of information, a higher degree of verification may be required. We will also require, pursuant to CCPA regulations, that you submit a signed declaration under penalty of perjury that you are the consumer to whom the information relates.
  • If we are unable to positively identify the person making the request is the consumer to whom the information relates, we may ask for additional verification or we may deny the request.

If you use an authorized agent to submit a request to know information under CCPA, you must verify your own identity with us and provide the agent written permission to submit the request on your behalf unless the agent holds a valid Power of Attorney or Conservatorship of the Person or the Estate for you. An agent’s failure to provide proof of authorization will result in a denial of the request.

Your rights to opt-out and to limit use or sharing of your sensitive personal information

The CCPA gives you the right to tell us not to sell or share your personal information with third parties by opting-out of such information sales or sharing. However, the CCPA also states we are not required to provide you with the right to opt-out if we only sell or share your personal information with our service providers or contractors pursuant to a written contract meets specific requirements, such as the requirement that we only sell or share your personal information to the extent that is reasonably necessary for the service provider or contractor to carry-out the contracted for business purpose and provided the service provider or contractor agrees only to use your personal information for that purpose. You do not have the right to opt-out because we do not sell or share your personal information outside of an exception that allows us to do so.

In addition, the CCPA gives you the right to limit our use or sharing of your sensitive personal information. However, the CCPA also states we are not required to provide you with the right to limit our use or sharing of your sensitive personal information so long as we only share it for the specific purposes set forth in Section 7027(m) of the regulations implementing the California Privacy Rights Act. We are not required to provide you with the right to limit our use or disclosure of your sensitive personal information because we only use or disclose such sensitive personal information for the following purpose(s):

  1. To perform the services or provide the goods reasonably expected by an average consumer who requests those goods or services. For example, a consumer’s precise geolocation may be used by a mobile application that is providing the consumer with directions on how to get to specific location. A consumer’s precise geolocation may not, however, be used by a gaming application where the average consumer would not expect the application to need this piece of sensitive personal information.
  2. To prevent, detect, and investigate security incidents that compromise the availability, authenticity, integrity, or confidentiality of stored or transmitted personal information, provided that the use of the consumer’s personal information is reasonably necessary and proportionate for this purpose. For example, a business may disclose a consumer’s log-in information to a data security company that it has hired to investigate and remediate a data breach that involved that consumer’s account.
  3. To resist malicious, deceptive, fraudulent, or illegal actions directed at the business and to prosecute those responsible for those actions, provided that the use of the consumer’s personal information is reasonably necessary and proportionate for this purpose. For example, a business may use information about a consumer’s ethnicity and/or the contents of email and text messages to investigate claims of racial discrimination or hate speech.
  4. To ensure the physical safety of natural persons, provided that the use of the consumer’s personal information is reasonably necessary and proportionate for this purpose. For example, a business may disclose a consumer’s geolocation information to law enforcement to investigate an alleged kidnapping.
  5. For short-term, transient use, including, but not limited to, non-personalized advertising shown as part of a consumer’s current interaction with the business, provided that the personal information is not disclosed to another third party and is not used to build a profile about the consumer or otherwise alter the consumer’s experience outside the current interaction with the business. For example, a business that sells religious books can use information about its customers’ interest in its religious content to serve contextual advertising for other kinds of religious merchandise within its store or on its website, so long as the business does not use sensitive personal information to create a profile about an individual consumer or disclose personal information that reveals consumers’ religious beliefs to third parties.
  6. To perform services on behalf of the business, provided that the use of the consumer’s personal information is reasonably necessary and proportionate for this purpose. For example, a business may use information for maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing analytic services, providing storage, or providing similar services on behalf of the business.
  7. To verify or maintain the quality or safety of a product, service, or device that is owned, manufactured, manufactured for, or controlled by the business, and to improve, upgrade, or enhance the service or device that is owned, manufactured by, manufactured for, or controlled by the business, provided that the use of the consumer’s personal information is reasonably necessary and proportionate for this purpose. For example, a car rental business may use a consumer’s driver’s license for the purpose of testing that its internal text recognition software accurately captures license information used in car rental transactions.
  8. For purposes that do not infer characteristics about the consumer. For example, a business that includes a search box on their website by which consumers can search for articles related to their health condition may use the information provided by the consumer for the purpose of providing the search feature without inferring characteristics about the consumer.

Questions or concerns?

If you have questions or concerns about this Privacy Policy, you may contact us by:

  • Calling us at 800.866.6474; or
  • Submitting your request to Rize Credit Union, 12701 Schabarum Ave., Irwindale, CA 91706.

Online Privacy Policy

Purpose

To effectively communicate Rize Federal Credit Union’s (RizeCU) policy regarding the privacy of personal information of persons visiting our website.

Introduction

RizeCU understands the importance of protecting your privacy. Our goal is to maintain your trust and confidence when handling your personal information. We are committed to maintaining the confidentiality of your personal information consistent with state and federal laws. This Online Privacy Policy (“Policy”) describes how RizeCU collects, uses, shares, and protects information when you visit or use RizeCU.com (“the Website”). By using the Website, you consent to the terms and conditions of this Policy, including your consent to our use and disclosure of information in the manner described in this Policy. The term “us,” “we” or “our” in this Policy refers to RizeCU.

Collecting, using and sharing information

How we collect information
“Cookies” are pieces of information stored directly on your computer, smartphone or other internet access device. Browser cookies are assigned by a web server to the browser on your device. When you return to a website you have visited before, your browser gives this data back to the server. When you visit the Website, we may use cookies and information gathered through their use to personalize your experience with us based on the products, services and other interactions. Information gathered through the use of cookies may be used to make offers to you via online ads, email, mail or phone, subject to the privacy preferences you have on file with RizeCU. Cookies we use do not contain or capture unencrypted personal information.

The browsers of most computers, smartphones and other internet access devices are set up to accept cookies. You can refuse to accept these cookies through your browser settings. You will need to manage your cookie settings for each device and browser. If you choose to reject cookies, you may not be able to use the full functionality of the Website. For example, if we are not able to recognize your device, you will need to answer a challenge question each time you log on. You also may not receive customized advertising or other offers relevant to your interests and needs.

How we respond to “do not track” signals
“Do Not Track” (“DNT”) refers to an HTTP header used by Internet web browsers to request an application disable its tracking or cross-site user tracking. When DNT is enabled, a user’s web browser adds a header to content requests indicating the user does not want to be tracked. Applicable law requires us to disclose how we respond to web browser DNT signals. We do not respond to or take any action with respect to a DNT configuration set in your internet browser, and therefore, there is no reason to disable tracking related to RizeCU’s online presence.

Personal information we collect
When you interact with us via our Website, we will not obtain personal information about you unless you choose to provide such information. Personal information that we may collect about you through online interaction includes information that you provide, such as your name, mailing address, email address and other contact information; data resulting from your activity, such as transaction information; and limited location information (for example, a zip code to help you find a nearby ATM).

We will retain your personal information for as long as your account is active or as needed to provide services. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

Other information we collect
In addition to the personal information described above, we also collect anonymous demographic information, which is not unique to you, such as your zip code, region, preferences, interests, and favorites. We may also automatically collect information about your computer hardware, such as the IP address of your device, the type of operating system and browser you use, search engine used, access times, referring website addresses, the parts of our Website you access, and the sites you visit next.

The role of cookies and other online tracking technologies

We, or our service providers, and other companies we work with may deploy and use cookies, web beacons, local shared objects and other tracking technologies for various purposes, such as fraud prevention and to promote our products and services. Some of these tracking tools may detect characteristics or settings of the specific device accessing our online services.

Clear GIFs, pixel tags or web beacons – which are typically one-pixel, transparent images located on a webpage or in an email or other message – or similar technologies may be used on our sites and in some of our digital communications (such as email or other marketing messages). They may also be used when served advertisements, or you otherwise interact with advertisements outside of our online services. These are principally used to help recognize users, assess traffic patterns and measure engagement.

“First party” cookies are stored by the domain (website) you are visiting directly. They allow the website’s owner to collect analytics data, remember language settings, and perform useful functions that help provide a good experience. “Third-party” cookies are created by domains other than the one you are visiting directly, hence the name third-party. They may be used for cross-site tracking, retargeting and ad-serving. We also believe cookies fall into the following general categories:

  • Essential Cookies: These are a website’s basic form of memory, used to store the preferences selected by a user on a given site. As the name implies, they are essential to a website’s functionality and cannot be disabled by users. For example, an essential cookie may be used to prevent users from having to log in each time they visit a new page in the same session.
  • Performance and Function Cookies: These are used to enhance the performance and functionality of a website, but are not essential to its use. However, without these cookies, certain functions (like videos) may become unavailable.
  • Analytics and Customization Cookies: These track user activity, so website owners can better understand how their site is being accessed and used.
  • Advertising Cookies: These are used to customize a user’s ad experience on a website. Using the data collected from these cookies, websites can prevent the same ad from appearing again and again, remember user ad preferences, and tailor which ads appear based on a user’s online activities.
  • Geolocation Cookies: These allow us to determine your location in order to provide information you request, such as the location of the nearest branch or ATM through the Mobile App. If enabled, your location data may be collected while the app is closed or not in use. You may disable or adjust the Location Services at any time through your mobile device’s settings.

Third-party widgets

We may allow certain widgets (e.g., social share buttons) on our Website allowing users to easily share information on another platform, such as social media. The third parties that own these widgets may have access to information about your browsing on pages of our Website where these widgets are placed. You may wish to review information at third-party sites, such as social media platforms where you have an account, to determine how these third parties collect and use such information.

How we use information

In addition to the uses described above, we use the information for purposes as allowed by law, such as:

  • To process applications and transactions;
  • To service your accounts with us;
  • To send you important information regarding the Website, changes to terms, conditions and/or policies;
  • To track Website usage, such as number of hits, pages visited, and the length of user sessions in order to evaluate the usefulness of our Website;
  • To verify your identity (such as when you access your account information);
  • To respond to your requests and to communicate with you;
  • To send you marketing communications that we believe may be of interest to you;
  • To allow you to participate in surveys, sweepstakes, contests and similar promotions;
  • For our business purposes, including data analysis, developing and improving our products and services, and enhancing our Website;
  • To resolve disputes and prevent and defend claims;
  • To protect our rights and property;
  • To comply with laws and regulations; and
  • To prevent fraud and enhance the security of our Website.

How we share your information with third parties

If you are a RizeCU member, we will use and share any information we collect from or about you in accordance with our Política de privacidad.

RizeCU may share the information we collect from and about you with service providers with whom we work, such as data processors and companies that help us market products and services. When permitted or required by law, we may share information with additional third parties for purposes including response to legal process. Where appropriate, we will limit sharing of your information in accordance with our Política de privacidad.

We do not partner with third parties for the purposes of engaging in online behavioral tracking, nor do we permit third parties to collect from the RizeCU Website personally identifiable information about your online activities.

Children’s online information privacy

Our website is not intended for children under the age of 13. We do not knowingly collect, maintain, or use personally identifiable information from our Website about children under the age of 13 without parental consent. For more information about the Children’s Online Privacy Protection Act (COPPA), visit the Federal Trade Commission website.

Updating your personal information

Keeping your account information up-to-date is important. You can access and/or update your personal information in connection with your account or application by logging on to Banca digital or by calling our Contact Center at 800.866.6474.

Seguridad

Security measures have been implemented to improve Banca digital security. The login security uses a verification code to authenticate yourself via text message and/or a voice call to ensure it’s you trying to access your Banca digital accounts. The options on how to receive your verification codes are provided during the login security setup. Login Security allows us to recognize you as the true owner of your account by recognizing not only your login information but also your computer. If we don’t recognize your computer, you will be requested to receive a new verification code. This adds an additional layer of protection from fraud and identity theft by preventing unauthorized access to your secure financial information.

Linking to other websites

The RizeCU Website may contain links to third party websites. Although these links are to provide you with access to useful information, RizeCU does not control and is not responsible for any of these websites or their contents. We do not know or control what information third-party websites may collect regarding your personal information. RizeCU provides these links to you only as a convenience, and RizeCU does not endorse or make any representations about using such third party websites or any information, software or other products or materials found there, or any results that may be obtained from using them. We encourage you to review the privacy statements of websites you choose to link to from the RizeCU Website so you can understand how those websites collect, use, and share your information. RizeCU is not responsible for the security or privacy practices of the linked websites.

Updates to this Online Privacy Policy

From time to time, we may change this Policy. The effective date of this Policy, as indicated above, reflects the last time this Policy was revised. Any changes to this Policy will become effective when we post the revised Policy on our Website. Your use of the Website following these changes means you accept the revised Policy.